By Mike Sacopulos

There is a reason why healthcare executives and managers are more worried about an audit under the Federal False Claims Act (FCA) than medical malpractice claims or cyber breaches.

It is less the potential of fraud than having inadvertent coding mistakes that can result in “false” claims that keeps leaders of healthcare organizations up at night. When there are more than 100,000 codes, it’s easy to make a medical billing error or a misplaced keystroke that changes compensation. Trying to defend against complaints is expensive and complex.

In part due to the potential for mistakes, the U.S. Department of Justice has targeted healthcare operations for False Claims Act violations. Organizations ranging from hospital systems to senior care to hospices[1] — and even private equity investors that have invested in healthcare providers — have found themselves subject to investigations and settlements.[2]

In 2020, the Justice Department recovered more than $2.2 billion in settlements from False Claims Act cases, of which $1.8 billion came from healthcare providers. In the prior year, those totals were $3 billion overall and $2.6 billion from healthcare.[3]

For all the Justice Department headlines, like 2020’s “National Health Care Fraud Takedown” involving a $6 billion telemedicine fraud,[4] most cases relate to far more mundane human errors that are difficult to manage. The largest one is coding mistakes resulting in erroneous billings and claims that accumulate uncorrected over time, and ultimately become systemic.

Not only does the federal government investigate and seek remediation for such issues, which typically involve Medicare and Medicaid payments, but so do third-party payers. Further escalating the risk are separate laws at the state level.

Three types of liability insurance can come into play with FCA actions: directors and officers (D&O) liability insurance; employment practices liability (EPL) insurance; and errors and omissions (E&O) insurance. Coverage of FCA exposures can be dicey, however, as carriers may be reluctant to pay settlements on the grounds they seek uninsured restitution or disgorgement. Many D&O policies, for instance, expressly exclude coverage of punitive damages; many states prohibit that coverage as well. These coverages will, however, cover legal fees.

Making risk management the first line of defense

Of course, organizations should discuss with their brokers the extent of their coverage against potential FCA exposures. It is also smart to put rigorous risk management protections in place.

Here are three good ways to start:

  1. The right people make a difference. When so many problems tie back to the complexities of medical coding, it pays to have highly trained, certified finance teams. Third-party vendors offer training in medical coding and billing, auditing, compliance, documentation and practice management, and organizations like the AAPC (formerly the American Academy of Professional Coders). Since rules and practices are always changing, employers should make training and education a priority.

  2. A coding compliance plan covers a lot of requirements. It is crucial to have a compliance officer and compliance plan. The plan should encompass quality control standards. The plan should also cover training requirements for medical coding and medical billing staff. Federal law mandates compliance plans with seven components.

  3. Audit medical billings routinely. Audits will help identify problems like fraud and improper billing procedures and help show how to avoid long-term financial repercussions. Some organizations self-audit; others may use an outside professional service. Remember that an audit does not provide protection against the liability if incorrect billings are discovered.

Michael J. Sacopulos, JD, is founder and president of the Medical Risk Institute and a consulting partner to HUB International’s healthcare practice.

Contact HUB International’s team of healthcare experts to help your organization prepare for an FCA audit as well as assess and manage risks in today's medical environment.

[1]Hospice News, “Hospices Should Understand the Law to Avoid False Claims Allegations,” February 1, 2021.

[2]Bradley.com, “False Claims Act Risk to Private Equity Healthcare Investors,” October 11, 2020.

[3]U.S. Department of Justice, “Justice Department Recovers Over $2.2 Billion from False Claims Act Cases in Fiscal Year 2020,” January 14, 2021.

[4]U.S. Department of Justice, “National Health Care Fraud and Opioid Takedown Results in Charges Against 345 Defendants Responsible for More than $6 Billion in Alleged Fraud Losses,” September 30, 2020.