The press frequently airs stories about spectacular cases of insurance fraud like paying patients to have unnecessary surgeries and billing Medicare for outrageously expensive wheelchairs that were never delivered to patients. Of course, most providers don’t intentionally file fraudulent claims. However, a large percentage of providers are doing so and most aren’t even aware of it. The problem is lack of office staff training and the providers and staff’s ignorance of the rules and regulations. It is a dangerous game to play because of the potential civil and criminal penalties that can be imposed (see “Potential Penalties”). Even worse, providers can be excluded from governmental programs like Medicare and Medicaid, which would mean the end of most practices ability to continue operations.

The Centers for Medicare and Medicaid (CMS), the various intermediaries (Noridian in Colorado) and the Office of Inspector General (OIG) are stepping up investigation and prosecution of fraud & abuse throughout the healthcare industry. Many fraud & abuse cases are initiated by commercial carriers like Anthem. Most providers don’t realize that, in many cases, the claims they are filing are all that is needed for CMS and the various intermediaries to identify patterns of fraud and abuse. Investigations can also be initiated by a private individual (Qui Tam) in hopes of financial gain.

It is beyond the scope of this article to discuss all the risk areas identified by the Office of Inspector General (OIG). For an exhaustive list refer to the OIG Compliance Guidance for Small Practices at These guidelines apply most specifically to governmental programs. Commercial carriers and even Medicaid may deviate in certain respects. It would be prudent to get any deviations in writing from the specific third party payer. The following areas should be of most concern to office-based physicians in private practice:

  • Ÿ Discounts
  • Ÿ Refunds
  • Ÿ Misuse of Provider IDs
  • Ÿ Incorrectly Billing “Incident Services”
  • Ÿ Coding Annual Visits as E&M Visits
  • Ÿ Upcoding (and Downcoding)
  • Ÿ Inadequate Documentation
  • Ÿ Unbundling


Federal guidelines prohibit “routine” discounts below what is billed to Medicare. They also prohibit waiver of Medicare deductibles and coinsurance. Colorado state law prohibits the waiver of copay, deductibles and coinsurance. It is best to only allow discounts for prompt payment and for documented financial hardship.


There are strict federal guidelines on refunding overpayments by Medicare, Medicaid, Tricare, and other federal programs.

Colorado state escheat laws mandate that any money owed to patients or insurance carriers be turned over to the state if it can’t be returned to the rightful owner.

Misuse of Provider IDs

Filing claims under another provider’s ID is viewed as intentional fraud (and a felony). Most commonly this occurs when a practice hires a new provider. While they are waiting for the credentialing process to be completed, they bill the new providers services under an existing providers name and provider ID. It is also not uncommon to bill the services of a midlevel provider like a nurse practitioner or physician assistant under a physicians name and provider ID. Both of these courses of action are fraught with danger.

Incorrectly Billing “Incident To” Services

In order to bill a mid-level provider’s services under a licensed physician, the supervising physician must be physically present in the office and the service must only be follow up care. Any care for a new problem must be provided by the licensed provider and billed under that providers name and Provider ID.

This is one area where commercial third party payers and Medicaid may have different policies. Again it is best to get it in writing before you deviate.

Coding Annual Visits as E&M Visits

This is one of the most widespread incidents of fraud and abuse that occurs. It happens because the provider wants to help the patient who doesn’t have preventative care as a benefit on their insurance coverage. It is one of the areas that is easiest to catch and will be most widely pursued.

Upcoding (and Downcoding)

This is another area that is easy to catch. It varies by specialty but the following table gives a rough guideline of how the provider should be coding E&M visits:

Code Approximate Percentage of Occurrence
99212 21
99213 36
99214 31
99215 12

Inadequate Documentation

Many, many providers don’t understand how to document Evaluation & Management Codes. Many providers select the CPT Code for an office visit based on how much time they spent providing the service. However, the guidelines are clear that time is rarely the determining factor in selecting the appropriate code. It is based on the number of system reviewed, the number of systems examined, the past social and family history, and on the complexity of the medical decision-making.

The guidelines are pretty explicit on the criteria. You must always have a chief complaint documented in the patient’s own words. And the service must be medically necessary.


Unbundling is billing for multiple services that should be included in one global service in order to increase reimbursement.

What do you do now? Appoint a Compliance Officer, Implement a Compliance Plan and have an outside source audit your claims periodically to ensure you are following the guidelines appropriately.

Get In Touch

* Required