The Health Insurance Portability and Accountability Act (HIPAA), formerly known as the Kennedy-Kassebaum Law, contains the most sweeping changes to health care fraud rules since their inception. This month, we'll explore the aspects of that law that focus on the topic of money.
In many respects, money is the driving force behind HIPAA. This nation spends more than $1 billion daily on health care. Government studies extrapolate that up to 10 percent of this spending is tied to fraud and inaccuracy. According to representatives of the Health Care Financing Administration, current health care fraud enforcement returns to the government $7 to $10 for every dollar spent on investigation and enforcement. It is not surprising, therefore, that prosecution of health care fraud is the Justice Department's second-highest priority, right behind violent crime.
HIPAA responds to this monetary reality in three major ways: whistle-blower rewards, increased government funding and a bounty system. The first of these incentives was discussed in our March column. HIPAA requires HCFA to establish a fraud reporting hotline modeled after the whistle-blower program already in place at the Internal Revenue Service. That hot line solicits information from anyone about possible false claims or other fraud (excluding kickbacks) that involves amounts in excess of $100. If the disclosure leads to government recovery, the whistle-blower will receive a share of that recovery. Because fines can reach $10,000 per violation and triple-damages penalties can raise those amounts to $30,000, the rewards for disclosure can be substantial.
Funding is the second layer of HIPAA's monetary foundation. To step up its enforcement efforts and fulfill its obligations under HIPAA, the government needs more manpower and more investigative technological tools. Because of this, HIPAA has made available to HCFA, the Department of Justice, and Medicare carriers and intermediaries an unprecedented and truly remarkable amount of new funding. Specifically, without further appropriations, HIPAA authorizes 1997 funding of $60 to $70 million for the Department of Health and Human Services Office of Inspector General. This amount will increase approximately $15 million annually, to a funding level of $150 or $160 million after the year 2002 for Medicare and Medicaid program activities. The FBI will receive $47 million in 1997. This will increase about $13 million annually, to $114 million after 2002.
Much of this funding will go to increasing the manpower available to the government. For fiscal 1996, as an example, the FBI conducted 2,200 health care fraud investigations, up from 591 in 1992. The FBI expects to assign 500 agents to health care fraud over the next few years. Dozens of posts are opening up for government lawyers to investigate violations. The inspector general is opening offices throughout the country.
Perhaps the most significant development involves Medicare/Medicaid intermediaries and carriers. HCFA has begun to require intermediaries and carriers to track patterns of billing and utilization by health care providers, in an effort to identify areas of possible overutilization, inappropriate billing, lack of medical necessity and other offenses. The intermediaries and carriers are required to shift their focus in responding to these problems from recouping monies inappropriately paid out to denying payment until questionable submissions can be verified as appropriate.
Needless to say, the intermediaries' and carriers' ability to apply the mandate effectively and fairly remains to be seen. Already, providers are seeing payment denied because of overzealous or inaccurate intermediary or carrier efforts. Unfortunately, the process for persuading intermediaries and carriers that they have erred can be cumbersome, costly and only marginally effective. I hope this will change. But it sure is a mess now.
Nonetheless, HIPAA demonstrates a strong commitment to this intermediary/carrier initiative. Specifically, HIPAA authorizes 1997 funding for intermediaries and carriers of $430 to $440 million, increasing by almost $50 million annually, to $720 million after 2002. If the government's estimate of a 700-percent to 1,000-percent return on its enforcement spending is accurate, it suggests that the government is looking to collect more than $3.5 billion this year, doubling in annual amount over the next five years.
We certainly can hope that this enforcement activity will locate the true abuses of the system, the egregious examples of fraud. This is not likely to be the case. Ignorance of the rules, sloppy record keeping and billing inaccuracies can easily lead to billing patterns that suggest possible fraud or abuse. The most troubling aspect of all of this, though, is that HIPAA has also created a "bounty system" that encourages the government to seek financial settlement from nearly any provider who falls under the government scrutiny.
Specifically, Section 201 of HIPAA creates a "Health Care Fraud and Abuse Control Account" to be included as part of the Medicare Trust Fund. Section 201 further requires transfer to the Medicare Trust Fund's control account of all criminal fines and forfeitures and all civil penalties collected by Health and Human Services (through HCFA and the inspector general and by the attorney general (through the Justice Department and the FBI) under the False Claims Act. The funds will be available to fund further anti-fraud activities by the OIG, the Department of Justice, and the FBI. In other words, settlements extracted by the government in its health care fraud enforcement activities return to those enforcing agencies to fund further spending.
To my mind, this will inevitably create a de facto "government speed trap" for health care providers. Just as some small towns throughout America fund their police departments or other agencies by revenues collected from traffic violations, so, too, does the Health Care Fraud and Abuse Control Account now fund the government's health care fraud initiatives. Just as the small town system encourages aggressive fines, speed traps (especially targeting out-of-state cars) and a disincentive to find a driver innocent, so does the Health Care Fraud and Abuse Control Account create an incentive for overzealousness in investigation and enforcement, a disincentive to acknowledge extenuating circumstances and a reluctance to abandon any enforcement action without some financial settlement.
I do not suggest that this potential for abuse is intentional or conscious on the government's part. But a program that rewards investigation with direct financial incentives for settlement is a program that will realize aggressive and overzealous enforcement.
I might suggest (to use the government's own verbiage again) that the bounty system set up by HIPAA creates the "appearance of impropriety" in government-endorsed enforcement actions. Eventually, this portion of HIPAA may be revised. But getting to that point will be painful for physicians and managed care executives.