Bitcoin wariness, anti-hacking measures key for health systems in this age of cyberthreats, experts warn.
Between online marketplaces for Social Security numbers, data hijackings, from Sony to critical access hospitals, and bill-for-sham-services Medicare schemers, catching and preventing fraud is more important than ever.
At the same time that technology is giving fraud perpetrators new tools for their trade, advances in technology are also giving organizations and government investigators new ways to catch or, better, prevent the damage.
2015 is the year of technology in fraud, according to the Association of Certified Fraud Examiners, with six predictions for the new year.
1. Technology will increase the sophistication of fraud schemes, said ACFE member Gerard Zack, manager director of global forensics at BDO Consulting. “More and more we are reacting to reports of fraud with, ‘how did they do that?’” Zack said. For instance, how did a hacker break into the servers of the Surgeons of Lake County, in Illinois, swipe patients’ personal health records, encrypt the data and then demand a ransom for the password back to the data? Schemes are becoming more complex and capitalizing on technology, including some of the new technology deployed by companies in the interest of improving efficiency,” Zack said.
2. Technology, such as data analytics, will also help catch fraud schemes and their perpetrators. “There will be more breakthroughs in the use of technology to detect fraud, particularly in the use of visual analytics and also in the use of tools to mine unstructured data,” Zack said. “Tools that were thought of as cutting edge just a year or two ago will seem ancient in another year or two.”
3. Improving information security is a major priority. More data breaches, like the ones against Home Depot and Target, are bound to happen, according to ACFE vice president and program director Bruce Dorris.
“These breaches have exposed widespread vulnerabilities among organizations that store and maintain personal information,” Dorris said.
“There is an increasing need for information security and protecting against data breaches.” That includes security from external threats as well as internal safeguards. In Flora, Illinois, the 22-bed Clay County Hospital is in the midst of what could be a case of insider hacking — aransom demand from someone with access to personal health records who may or may not have hacked into the system.
4. Digital currencies present new risks, for both companies and consumers.An increasing acceptance of Bitcoin represents a shift in fraud risk, said Jacob Parks, associate general counsel at ACFE.
Vendors/sellers face reduced fraud risks from ‘friendly fraud,’ where customers fraudulently cancel credit card or bank payments after receiving an item,” Parks said. “Digital currency transactions are generally permanent, which makes this scheme untenable. However, consumers face an increased risk of fraud by dishonest sellers, since the transaction is often not insured or protected by an agreement with a financial institution.”
5. Whistleblowers have more technical sophistication and economic incentives to report fraud. “U.S. policy has moved beyond simply protecting whistleblowers,” ACFE’s Dorris said. The U.S. has a number of programs to financially incentivize whistleblowers to expose fraud in bribery, tax evasion, corporate accounting, and of course Medicare and Medicaid reimbursement. “The programs are largely still in the beginning stages, but have already had major payouts.”
6. Financial statement fraud could re-emerge. “One indication is the effort being made by the Securities and Exchange Commission to step up enforcement in this area,” Zack said. In healthcare, many recent mergers and acquisitions are going through implementation, and many are also in the pipeline, along with emerging business ventures — leaving due diligence and skepticism, old school or high-tech, as critical tools in preventing and catching fraud.