When Did $68 Billion in Medicare Fraud Become Acceptable?

Last fall, "60 Minutes" reported on the state of Medicare fraud in the U.S. The results were staggering. Current estimates put the level of Medicare fraud at $68 billion (with a "B"). I have spent a fair amount of time over the last year speaking and participating in the ongoing healthcare debate within Washington D.C. and around the country. Every time I throw out this statistic, I am challenged by people who simply cannot believe that this level of fraud exists and has gone largely unchecked in the recent past.

There have been some moves toward greater enforcement, including a couple massive sting operations within the last year that have uncovered entire companies set up to bill Medicare for procedures that never occurred. Miami-Dade County in Southern Florida has been a hotbed for this activity posting an incredible $3 billion (yes, with a "B") in estimated fraud this past year. But with an aging population and disparate systems with no way to cross-check between Medicare enrollment, social security, and the County Recorder's office, there is no way to verify if a person who is eligible for benefits is the person actually receiving the appropriate medical care, or if the facility billing is a legitimate medical provider.

Obviously this is a huge problem, and in the current economic state this would seem a logical target for capturing lost revenue and putting it back into the government healthcare system. So what is standing in the way of identifying fraudsters and shutting down this bleeding of the Medicare system? It is in the ability to verify the identity of the person receiving care.

This problem is not unique. In the wake of September 11, there was recognition of the need to verify the identity of government employees to provide better homeland security. Under President Bush, Homeland Security President Directive 12 was issued mandating a stronger identity verification process and resulting in a smart card based identity (i.e., Personal Identity Verification and Common Access Card credential being issued to military (DoD) and civilian agencies. While this rollout is ongoing, it has been proven to be an effective way to verify who a person claims they are both physically and logically as they access government computer systems.

This same technology has been used throughout the world as a form of citizen identification and in many cases for the express use in administering health benefits. Smart card-based health identity systems have been implanted in countries such as Sweden, Poland, Germany, Lithuania, France, etc. In France, every eligible citizen is issued a Carte Vitale as part of the government health program. This smart card-based credential provides the citizen with the ability to prove their identity through two forms of authentication or as it is know in the industry, two factor authentication. First, they have the card with their image and information printed on the front. Second, they have a PIN for use when receiving treatment. The citizen simply inserts the card into a card reader and enters their PIN to verify their identification. This type of simple technology virtually eliminates the ability to defraud the system.

So why don't we invest in this type of technology for Medicare beneficiaries providers administering care, and those processing the claim? The blanket answer that is given today is that it is a matter of cost and complexity. Today each Medicare recipients receives a card with their information embossed on the front. This card is inexpensive to produce, but has profound limitations in protecting the recipient from fraud or protecting the system from fraudulent claims. To upgrade the system to a smart card-based technology would cost more than the current card being issued, but let's look at the other side of the argument. If the system is upgraded to a smart card-based system, persons enrolling in Medicare would simply go into the office to verify their identity by bringing other forms of government issued identification. At the time of enrollment, the Medicare recipient would have their picture taken (similar to obtaining a driver's license or passport) and provide a biometric detail like a fingerprint. This information would be encrypted and securely stored on the microprocessor embedded into the card along with a PIN for access when the recipient is accessing their benefits.

Providers would have to go through a similar verification process and would be issued a smart card-based identity credential that would be used at the time of claim submission to verify the legitimacy of the provider. Today, some states have elected to issue a smart card based First Responder Access Credential to medical professionals. This system could be expanded to encompass all medical providers giving care to Medicare beneficiaries and those who have access to the claim during the claims process. This would greatly diminish the potential to defraud the system. So an incremental cost in identity production versus $68 billion in fraud seems to be a logical way to put money back into the system.

While there is no silver bullet in addressing this critical issue, there are simple steps leveraging proven technology (i.e., smart cards) that could go a long way toward stopping the almost inconceivable amount of fraud that is rampant in the current Medicare system. At no point should $68 billion worth of fraud be acceptable in the most technologically advanced country in the world. It is time to address this problem with mature, standards-based technology that has already been proven around the world and within the federal government.