Providers forced to camouflage in mediocrity.
EDITOR’S NOTE: This the first in a series of articles that explores the use of algorithms in the auditing of medical claims.
The Centers for Medicare & Medicaid Services (CMS) has pioneered the use of computer algorithms for detection of fraud. These efforts leverage technologies such as Monte Carlo computational sampling, Markov chain discrete step methods, linear analysis (least squares fitting), structured virtual construct (Dempster-Shafer) formalism, link and social network analysis (also popular in locating terrorists), Bayesian belief networks, probable graph models, conditional linear Gaussian models, neural computational logic systems (neural networks) and artificial intelligence.
These tools are the caviar, buttered toast, creme fraiche, chives, lemon wedges, red onion, and crumbled hard-boiled eggs of mathematical statistics. And they can catch crooks.
One important way CMS stimulates innovation is by providing giant data sets that can be used as raw input into any fraud-catching model that one might be testing. All personally identifiable information, of course, has been stripped out of the files (see data.cms.gov for more details.)
Three Levels of Fraud Detection
We can divide up these computerized techniques into three classes. These are distinguished by the type of computerized analytical tools used.
Level 1 – Claims-Based Systems
First, there are “claims-based” systems that analyze the information found on individual claims and then check to see that it is not obviously wrong.
In many cases, this amounts to a simple check against external databases, such as the excluded provider list, federal investigation database, compromised provider and beneficiary identification numbers, and compromised contractor information. Information about the patient can be checked against various identity services as well, such as credit records, address records (is the address real?), or Social Security numbers.
Claims can also be filtered through a number of rule checks. For example, if a Medicare claim is filed, a duplicate claim should not be filed for Medicaid. Provider rules check to see that what is charged in the claim is actually the service provided. Although this first level is more or less straightforward, it presents a formidable systems design and programming challenge to make it work.
Level 2 – Process-Based Systems
Second, there are “process-based” systems that evaluate how the claim fits into a broader patter of treatment for the patient. For example, the co-morbidity principle recognizes that chronic conditions may appear together in predictable constellations. Conditional probability distribution techniques identify the probability of any particular sequence of procedures, e.g., what the most likely next procedure is. This would flag a procedure that should not be there, such as an initial visit that follows a few weeks after a previous initial visit.
These process-based systems rely heavily on statistical analysis. Much work must be done to understand factors such as the number of procedures per beneficiary, number of drugs prescribed, and costs per patient. Linear programming can make empirical estimates of expected procedure times or total treatment durations. It is possible to know the total number of procedures by type, according to medical specialty. For example, if a provider is giving 30 vaccinations per day, is that reasonable, or a red flag? Of course every patient is different, but here the theory is that there are “standard treatments,” and these can be understood statistically – and as a result, any provider giving treatment outside of standard care can be identified.
These techniques are used to identify providers that are outside of the range of their peers. It is common for an auditor to justify their audit based on the assessment that the provider is an outlier.
Can this commonly used approach discriminate against a specialized provider? What if they “over-perform” simply because they are working hard? After all, are there not many possible explanations, apart from fraud, why a highly specialized provider would bill a comparatively larger number of patients per day? Perhaps there is a mortgage to pay off.
What we need to ask is why it is believed that a provider that is providing more services than its peers is any more likely to be committing fraud than their peers, who studiously remain within the statistical range of the pack? Why is this alone treated as the judicially non-reviewable “probable cause” needed to launch a detailed audit?
In any case, once the audit is on, then we are at the next level.
Level 3 – Documentation-Based Analysis
The third level is less automated. Here, the audit devolves into subjective assessments by coding “experts” employed by the auditors. Artificial intelligence and other computerized methods of examining claims have not reached the level of being able to “read” the patient notes and determine if a solid case for treatment was made. It is true that various statistical methods have experimented with determining the likelihood of any particular word or phrase appearing in connection with a specific procedure. Some research has shown that it is possible to identify the use of “low-probability” words or phrases that do not belong in notes regarding a given procedure. But none of this takes out the human element. That is left to the human reviewer.
It is at this level that the most contentious and destructive aspects of “recovery auditing” is found. Much conflict is little more than a battle of opinions. The provider thinks the notes and records are sufficient; the auditor thinks they are not. In many cases, the auditor does not understand the specialized terminology in the notes, and certainly is not trained in providing the service being audited. And neither is the administrative law judge, who comes into the picture around five years later.
EDITOR’S NOTE: Part I of this series has explored the side of auditors and the automated tools they employ to reduce fraud. In Part II, Roche will explore how providers can band together and create their own automated tools to mitigate the corrosive effects of the auditing deluge.
As the Centers for Medicare & Medicaid Services (CMS) clarifies existing Medicare policies like the Two-Midnight Rule, which guides the appropriateness of inpatient services, some
Today we’re talking about a major shift in Medicare rules that’s going to impact hospitals, surgeons, and physician advisors alike: the phasing out of the
Please log in to your account to comment on this article.
Sepsis sequencing continues to challenge even experienced coding and CDI professionals, with evolving guidelines, documentation gaps, and payer scrutiny driving denials and data inconsistencies. In this webcast, Payal Sinha, MBA, RHIA, CCDS, CDIP, CCS, CCS-P, CCDS-O, CRC, CRCR, provides clear guideline-based strategies to accurately code sepsis, severe sepsis, and septic shock, assign POA indicators, clarify the relationship between infection and organ dysfunction, and align documentation across teams. Attendees will gain practical tools to strengthen audit defensibility, improve first-pass accuracy, support appeal success, reduce denials, and ensure accurate quality reporting, empowering organizations to achieve consistent, compliant sepsis coding outcomes.
Expert presenters Kathy Pride, RHIT, CPC, CCS-P, CPMA, and Brandi Russell, RHIA, CCS, COC, CPMA, break down complex fracture care coding rules, walk through correct modifier application (-25, -57, 54, 55), and clarify sequencing for initial and subsequent encounters. Attendees will gain the practical knowledge needed to submit clean claims, ensure compliance, and stay one step ahead of payer audits in 2026.
Accurately determining the principal diagnosis is critical for compliant billing, appropriate reimbursement, and valid quality reporting — yet it remains one of the most subjective and error-prone areas in inpatient coding. In this expert-led session, Cheryl Ericson, RN, MS, CCDS, CDIP, demystifies the complexities of principal diagnosis assignment, bridging the gap between coding rules and clinical reality. Learn how to strengthen your organization’s coding accuracy, reduce denials, and ensure your documentation supports true medical necessity.
Denials continue to delay reimbursement, increase administrative burden, and threaten financial stability across healthcare organizations. This essential webcast tackles the root causes—rising payer scrutiny, fragmented workflows, inconsistent documentation, and underused analytics—and offers proven, data-driven strategies to prevent and overturn denials. Attendees will gain practical tools to strengthen documentation and coding accuracy, engage clinicians effectively, and leverage predictive analytics and AI to identify risks before they impact revenue. Through real-world case examples and actionable guidance, this session empowers coding, CDI, and revenue cycle professionals to shift from reactive appeals to proactive denial prevention and revenue protection.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
As AI reshapes healthcare compliance, the risk of biased outputs and opaque decision-making grows. This webcast, led by Frank Cohen, delivers a practical Four-Pillar Governance Framework—Transparency, Accountability, Fairness, and Explainability—to help you govern AI-driven claim auditing with confidence. Learn how to identify and mitigate bias, implement robust human oversight, and document defensible AI review processes that regulators and auditors will accept. Discover concrete remedies, from rotation protocols to uncertainty scoring, and actionable steps to evaluate vendors before contracts are signed. In a regulatory landscape that moves faster than ever, gain the tools to stay compliant, defend your processes, and reduce liability while maintaining operational effectiveness.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
