August 23, 2019
Data analytics are rapidly changing the face of health care. Increasingly, data drives health care fraud as well as legitimate players. Two whistleblower cases filed under the False Claims Act illustrate the peril of analytics-fueled health care fraud and the potential for using these tools to prosecute wrongdoers.
The False Claims Act is the federal government’s primary tool for combating fraud. Sometimes referred to as “Lincoln’s law,” Congress passed it during the Civil War to combat fraud against the Union Army. A key feature is the qui tam or whistleblower provision. This allows private citizens to sue on behalf of the government and receive a portion of the recovery.
Health care fraud has represented the lion’s share of government fraud recovery. For example, in 2018, health care fraud represented nearly 90% of the $2.8 billion recovered.
Health care fraud takes many different forms. They run from false statements about drugs and devices, to billing for services not rendered. In Essence Group, a Medicare Advantage provider allegedly used data mining to inflate its bills to the government. U.S. ex rel Rasmussen v. Essence Group Holdings, 6:17-cv-03273 (W.D. Mo, 2017).
Medicare Advantage uses the HMO model in Medicare. The government makes a monthly “capitated payment” to the provider for each enrollee. Subsequently, the provider pays for the enrollee’s covered services.
The capitated payment level incorporates an assessment of the enrollee’s health, called the risk adjustment factor, or RAF. In turn, diagnostic codes in a patient’s medical record determine the RAF. Therefore, a provider has a strong incentive to include codes that raise an enrollee’s RAF.
The relator in Essence Group, a physician directed to add these diagnosis codes, alleges just this kind of scheme. Essence Group mined enrollees’ medical records to identify candidates for increased RAF scores. Because of this, Essence Group did not perform the data mining to improve patient care. Above all, they did not perform it for non-Medicare patients, but only for “enhanced” billing to the government.
The allegations in Essence Group are unproven. However, an April Health and Human Services, Office of Inspector General audit of Essence Group found over a third of the records reviewed had unsupported codes. As a result, the audit identified nearly $160,000 in overpayment for the claims reviewed.
The case highlights the risk posed by unscrupulous providers armed with data mining tools. These technologies empower fraudsters to subvert payment systems and increase billing rather than improve patient care. Of course fraud is an ever-present problem in a market-based system. But data mining threatens to supercharge it and enhance health care costs, rather than care.
If Essence Group illustrates the threat from analytics-powered billing, Integra Medical Analytics LLC v. Providence Health and Services, highlights the potential of data to ferret out fraud. No. CV 17-1694 (C.D. Cal 2017). HHS-OIG has long used data-mining in compliance audits. Likewise, state integrity offices do so under Medicaid. However, whether these techniques are available to private whistleblowers suing under the False Claims Act, has been an open question.
Congress enacted the False Claims Act “public disclosure bar” to deter so-called “parasitic” lawsuits. Parasitic refers to cases based on widely-known public scandals or criminal and other civil prosecution. See, e.g. U.S. ex rel. Marcus v. Hess, 317 U.S. 537, 546 (1943) (holding that earlier version of FCA permitted relator to sue based on information in a criminal indictment); Claire Sylvia, False Claims Act, Fraud Against the Government, § 11:35 (identifying Marcus as impetus for public disclosure bar).
FCA practitioners have hotly debated whether a whistleblower may rely on analysis of public data, or whether it be barred.
Integra concerns this question. As with Essence Group, the defendant hired a data analytics firm to identify opportunities for increased billing. Here, the defendant hospital chain utilized J.A. Thomas and Associates, now a subsidiary of Nuance Communications Inc.
Under Medicare’s hospital payment system, payment rates reflect patient sickness. As in Essence Group, the whistleblower alleged that the defendant used data mining to increase billing, not improve patient care. But, the Integra, whistleblower based the allegation on analysis of claims data and information published on the internet.
Integra compared the defendant’s claims to those of other hospitals. And found enhanced severity codes appeared far more often. In some cases, nearly three times more often than at hospitals nationally.
Integra raised the question of whether analysis of public data was fair game for the FCA. The defendant asked the district court to dismiss the case. It argued that the complaint was based on information publicly disclosed by the CMS and on the internet.
In July, the court rejected that argument. Importantly for the future of these cases, the court acknowledged that the relator is not “a prototypical FCA relator in that it had no insider relationship with Defendants,” but found that fact “is not enough to bar its suit.” Integra Med Analytics, 2019 WL 3282619, at *5 (C.D. Cal. July 16, 2019).
The public disclosure bar does not require “insider” information. It bars suit only when the underlying facts are disclosed in specific sources: a federal hearing or report, or in the news media.
The defendants argued that “news media” included everything on the internet. Here, statements on JATA’s website and those of industry groups and online message boards. Certainly, this interpretation would devastate private parties’ ability to ferret out fraud. The court rejected the argument, finding that “as a matter of common sense” nobody would refer to the internet as “news media” in normal conversation. Id. at *11.
Integra opens the door for private parties to rely on information on the internet to fight fraud. This makes sense because it accords with the intent of the public disclosure bar, “to strike a balance between encouraging private persons to root out fraud and stifling parasitic lawsuits.” Graham Cty. Soil & Water Conservation Dist. v. United States ex rel. Wilson, 559 U.S. 280, 294, (2010).
Applying the public disclosure bar when a relator applies advanced analytic techniques to public data makes no sense. Even where innocuous data is public, the inference of fraud is frequently not. Indeed, the fundamental promise of data mining is that it provides conclusions not discernible from raw data alone.
This point was made clear in one of the seminal public disclosure bar cases:
Many potentially valuable qui tam suits would be aborted prematurely by a reading of the [Public Disclosure Bar] that barred suits when the only publicly disclosed information was itself innocuous. . . . [W]hen [information] by itself is in the public domain, and its presence is essential but not sufficient to suggest fraud, the public fisc only suffers when the whistle- blower’s suit is banned.
U.S. ex rel. Springfield Terminal Ry. Co. v. Quinn, 14 F.3d 645, 654 (D.C. Cir. 1994).
Integra analyzed innocuous data to identify, for the first time, fraud against the government. The allegations were not the underlying data, but the patterns revealed. The suit, therefore, is not “parasitic” of any publicly identified fraud. The policy of the False Claims Act favors enlisting private entities do this work, because the government simply cannot do it all.
Data analytics promises great increases in efficiency for patients and doctors. But, in nefarious hands, these tools can enhance health care fraud and drive up costs for all. The legal system must respond as Congress intended, by permitting whistleblowers to use these same tools to attack fraud.
A version of this article appeared on Law 360: Expert Analysis on August 22, 2019.