Health care fraud and abuse is a significant contributor to the cost of health care in the United States. For the fiscal year that ended September 30, 2017, the United States Department of Justice (the “DOJ”) reported that it had recovered $3.7 billion under the False Claims Act (“FCA”), of which $2.4 billion related to the health care industry. Fiscal Year 2017 was the eighth consecutive year that civil FCA settlements and judgments exceeded $2 billion.

To combat fraud and abuse in an increasingly complex health care industry, Federal and State regulators have relied in recent years on data analytics to identify improper and fraudulent health care claims. For example, the Department of Health and Human Services Office of Inspector General (“OIG”) examines Medicare claims data to identify suspected fraud and compare claims to national usage trends while the Centers for Medicare and Medicaid Services (“CMS”) Fraud Prevention System (FPS) applies predictive analytics to claims before making payments in order to identify aberrant and suspicious billing patterns. In August of 2017, the DOJ announced that it would use claims data to identify and prosecute individuals involved in opioid prescription fraud in the effort to fight the opioid epidemic.

Given the regulators increasing reliance on data analytics, health care providers should likewise consider incorporating data analysis into their own compliance programs. Use of data analytics would allow a provider to become proactive in identifying and resolving potential areas of concern, rather than relying on a wait and see approach. By analyzing data available through the provider’s electronic health record and billing systems, providers can identify areas of potential concern, such as utilization of services in excess of national trends, duplicate billing, etc. The provider could then investigate those areas to determine what further action, if any, is needed.

Because of the amount of data available through these systems, providers seeking to use data analysis in this way should monitor DOJ and OIG priorities and enforcement trends. Providers should also consider consulting legal counsel before implementing such a program and when concerns are identified.