"Welcome, I hope that the tips and advice provided here are a benefit to you and your practice. If you have questions, do not hesitate to contact me for assistance"
- Bill Hiltz
This post outlines a few of the things that you should do to protect your practice.
Let’s start with the basics.
First, you must understand how your practice management software operates. This cannot be overstated. Your employees should never be able to think of you as inexperienced with your software.
Spend some time with the user manual, watch a few online training videos, and attend training sessions with your staff.
At a bare minimum, you must know how to run reports, change user passwords and assign different access levels to employees.
Practice Management Software Security
Make sure every user has a unique log-on name and password.
Have a policy that states users are not to share their passwords with anyone or use anyone else's password to access the software.
Make sure that each day and month are "closed" in the software. Refer to your software manual for help on how to do this.
Consider using your clinical staff to post procedures that were done instead of the front desk.
Have a section in your office policy manual that covers computer usage. You can download a sample from me here: Free Downloads
The Audit Report
Most audit reports contain a list of all transactions that have been changed or deleted after the transaction was first created. This information can be very revealing.
At regular intervals examine the audit report. I recommend at least once a week, but checking it daily is preferred.
Make sure that you are the only person that can access and view the audit report. This can be accomplished by changing the security settings in your practice software. Refer to your software manual for help if needed.
What to look for in audit reports.
Appointment deletions can happen when a dishonest employee deletes the original appointment to conceal that the patient was ever in the practice.
Caution: Audit reports may contain many “benign” appointment deletions. This will happen if your employee has a habit of rescheduling appointments by deleting the original appointment and then creating a new “rescheduled” appointment. When this occurs, the audit report will show that the original appointment was deleted.
Deleting an appointment in the software should be a rare event, used when a patient leaves the practice or is deceased. Consult your software manual for help.
Payment deletions can happen when a dishonest employee deletes the original payment to conceal that the payment was made.
Transactions with odd dates
Dishonest employees will often work late or come in way too early to have some “alone time” in your office. Your audit report will show both the date and time of each event recorded. Look for audit events that were recorded outside normal business hours or when the practice is closed.
A modified transaction means the original record was subsequently changed or edited. For example: a $50 fee changed to a $30 fee or a $100 payment changed from “cash payment” to a “credit card payment”
Look for modifications where the fee or payment was reduced or the payment method switched.
Backdating is one of the ways Bernie Madoff concealed his multi-billion-dollar fraud.
Backdating is the practice of recording a transaction, whether a payment, charge or adjustment, with a date that is prior to what it should be. Backdating is usually disallowed and can be fraudulent based on the situation.
Examine all backdated transactions and pay strong attention to any transactions found to be backdated by a week, a month or more.
Deleted Procedures / Insurance Claims
Look for deleted procedures (charges) or insurance claims. Employee sloppiness and unintentional errors can increase the frequency of deleted records. If the employee makes a mistake during billing, they may choose to delete the first billing attempt and start over. Look to see if deleted procedures or payments have been re-posted to likely correct for an error.
Daily Adjustments Reports
Examine the adjustments report each day, and at the end of each month.
Look at the descriptions used for adjustments to see of they are appropriate and being use properly. Codes such as: “Professional Courtesy”, “Cash Discount”, “Senior Discount”, “Insurance write off”, “Sent to Collections” and more.
If you participate in-network, you will probably see a lot of PPO insurance write-offs. If your software is not configured to differentiate PPO write-offs by insurance company, you should start doing this. This means assigning each PPO insurance a unique code, i.e.: “Delta write-off”, “Aetna write-off”
Do you see any patient names that received a PPO write off and are not really in that PPO?
Check write-offs against the patient’s EOB. Do this for several patients. Do the write-offs equal the amount on the patient's EOB?
Look at the other adjustments. Visually scan each one. If you cannot easily find a reason to explain an adjustment, then further examination is warranted.
PoD is still #1 and the strongest deterrent to theft.
It's easy to increase PoD awareness in your practice by following the recommendations contained in this #TIP and the other #TIPS on our blog
Learn more about PoD here