Healthcare Fraud Shield’s Latest Article: Developing a Method to Uncover Abnormal Billing Behavior

9 Apr

As with past articles from Healthcare Fraud Shield, future articles will focus on specific schemes to look for, where we will examine specific schemes or issues supported by precise codes, be they procedures, diagnoses, modifiers, or DRGs (Diagnosis Related Groups) associated with high risk behaviors.

However, in this article, we want to take a step back and discuss methodologies to analyze data, so that any behavior, known, or not, will raise to the surface, and predicate additional review.  In many future articles, we will relate many of these concepts to methods to uncover the specific schemes discussed.

Developing a Methodology

One of the best ways to uncover “outliers” is to first understand the areas of risk. Think about your successful cases, or recent cases in the news. What common threads did they have? Once you isolate on these “macro” level behaviors, you can begin to look for them, wherever they may hide.

You should develop a method that accounts for the major behaviors you identified. Going through your cases like a checklist is one way to begin to formulate your behavior list. Keep in mind the behavior list is not the list of allegations, it is more the why behind it. For example, what is upcoding? Billing for a higher level of service than what was provided. How/why does that happen? Many factors can impact the degree to which a service is potentially up codded. Some of these include, specialty, condition, and even geography. Your method should answer the why and the how.

One approach you may consider is the below Suspect Behavior Profile When you examine your cases, you will probably find that many of those cases exhibited one or more of the following behaviors driving the scheme. This is just one approach, feel free to use this as a springboard, add to it, subtract from it, make it work for you.


Something is happening too frequently. Most commonly, it could be repeat visits, but it can be more hidden, such as suspicious duplication of procedures over time.


Density looks at how clustered or concentrated behaviors are. For example, a very simple density issue is too many patients in a day. However, as another example, it could look at things such as abnormal numbers of patients from a specific employer group.


Intensity is analogous to the upcoding mentioned above. On the simple side, it can be procedural upcoding, billing a higher level of service within a group of related procedures. It can also include examples that include a modifier, or diagnosis that is added to a claim (think DRG) that increases the payment.


Velocity measures the degree to which a behavior is increasing or decreasing. “Spike” detection often considers only positive changes, but abnormal negative changes can be just as enlightening. Change detection methodology is important to uncover spikes and dips within payments, patient volume and services.


The last of the five (5) behaviors in the profile is connectivity. This looks at relationships between attributes. For example, we often hear of “link analysis” which identifies relationships between provider and patients. However, in addition, and often overlooked, there are “connections” between many other attributes. Examples could include procedure to procedure, procedure to gender, procedure to specialty, etc.  

Take Away

  • Dissect some of your prior cases and think about the behaviors that manifested as potential suspicious behaviors you would like to detect in a more strategic approach
  • Develop specific KPIs for each of those behaviors. Some examples include:
    • Frequency: Visits/Patient
    • Density: % of Patients
    • Intensity: Average Level of Service
    • Velocity: % Increase
    • Connectivity: % of Total
  • Look for outliers at the provider, procedure and diagnosis level for those KPIs. That could be indication of issues that require additional review
  • Conduct additional review, and validate/refine the KPIs that are working best
If you have questions specific to this article, you may contact Jim McCall at

If you have general SIU questions or comments, please contact us at

If you would like to learn more about Healthcare Fraud Shield’s analytics solution, contact us at

%d bloggers like this: