The US Department of Justice (DOJ) and US Department of Health and Human Services, Office of Inspector General (HHS-OIG) are increasingly relying on sophisticated data analytics tools to identify and investigate fraud schemes, particularly in the healthcare sector. DOJ’s announcement of four new False Claims Act settlements and cases involving similar fraudulent billing schemes further demonstrates the effectiveness and importance of DOJ and HHS-OIG’s data analytics programs. Healthcare companies should take steps to prepare for these data-driven enforcement actions and incorporate data analytics into their own compliance and audit programs.
The US Department of Justice (DOJ), US Department of Health and Human Services, Office of Inspector General (HHS-OIG), and other federal agencies have long discussed using data analytics to identify and investigate fraud and other criminal conduct. Data analytics is the process of examining data sets to draw conclusions and identify patterns about the information they contain. Aided by advancements in technology and more robust and useable data sets, federal agencies are finally using this game-changing investigative tool to effectively and efficiently pursue criminal and civil enforcement actions, as explained in this Bloomberg Law article. DOJ’s most recent healthcare enforcement matters further demonstrate this trend, particularly in the healthcare sector.
On October 14, 2021, DOJ announced the latest four enforcement actions in an ongoing national investigation into an alleged improper billing scheme involving P-Stim electro-acupuncture devices. Federal healthcare programs do not reimburse for P-Stim devices, but the parties promoted them as billable to Medicare and other federal healthcare programs, causing providers to submit fraudulent claims. This ongoing national initiative has produced more than 15 False Claims Act (FCA) settlements nationwide worth approximately $15 million.
DOJ announced that the enforcement actions stemmed directly from its use of data analytics. The agency emphasized that the Eastern District of Pennsylvania (the district in which the enforcement actions were filed) is helping to lead the “national Department of Justice effort to apply analytics to healthcare claims data to identify providers who have fraudulently billed federal healthcare programs.”
Consistent with these most recent enforcement actions, DOJ and HHS-OIG (among others) increasingly are emphasizing and relying on data analytics to identify and combat fraud and abuse in the healthcare context. HHS-OIG’s data scientists and statisticians use a variety of sophisticated data analytics tools, including predictive and geospatial analytics and artificial intelligence, to examine vast amounts of healthcare, law enforcement and operational data. This allows HHS-OIG to quickly identify trends, outliers and potential investigative targets. Once HHS-OIG or DOJ identifies new trends and types of fraud schemes, their data analytics tools allow them to rapidly identify and target similar instances of fraud throughout the country—which appears to be exactly what happened in the most recent P-Stim device FCA cases.
DOJ and HHS-OIG’s increased use of data analytics has already led to a significant rise in the number of federal FCA cases initiated directly by DOJ as opposed to via qui tam whistleblower complaints. DOJ initiated 100 more FCA cases in 2020 than it did in 2019, resulting in the most non-qui-tam FCA cases filed in almost 30 years. The number of data-driven FCA fraud investigations will likely continue to increase, particularly as the government continues to investigate potential fraud associated with the CARES Act, the Provider Relief Fund and the COVID-19 pandemic.
All healthcare companies and providers should be mindful of DOJ and HHS-OIG’s increased reliance on data analytics and should take steps to prepare for any potential data-driven enforcement actions. Companies should incorporate sophisticated data analytics into their audit and compliance programs to minimize enforcement risk. Just as the government can use data analytics to rapidly identify and investigate fraud and abuse, companies can likewise use it to identify risks early and avoid being ensnared in costly government investigations and prosecutions. Companies should continue to monitor high-risk areas, evaluate whether all data relating to those risk areas are actually being collected, and put in place systems to ensure that the data collected is effectively monitored and analyzed to identify any potential errors and/or misconduct. To the extent a company finds itself subject to a government enforcement action, defense counsel should conduct their own data analysis to prepare an effective defense strategy. Data analytics can be instrumental in helping healthcare companies respond to FCA claims or other enforcement actions.