It’s a sad but true reality: bad people take advantage of others during hard times. This is especially true of those who try to cheat dental practices during the COVID-19 crisis. For example, one of my coaching clients contacted me about some N95 masks her office had purchased. She told me, “I don’t see what the big deal is with supply. We got ours right away.” When I asked to see the mask, I immediately saw that the respirators were counterfeit.
Fraud occurs in many places—online scammers, vendors, and even an employee who is been with an office for many years. The best way to stay out of their crosshairs is to understand the different ways that you can be cheated.
External
Hackers are always looking for an easy way to access and exploit your systems. Russ Howell, CEO and IT security consultant for Health Secure IT, says that scammers see crises as opportunities to achieve their nefarious goals.
“As always, criminals pick the low-hanging fruit, and right now, everybody is in COVID panic mode,” Howell said. “Almost from the very beginning, when offices started to shut down, we saw a huge uptick in phishing emails that had attachments or links for information on how to protect employees from COVID.”
Scammers can be sneaky, but quite often they’re not subtle at all. “The scams that are really easy to spot say things like, ‘Click here to find out a cure for COVID-19,’” Howell explained. “Those are pretty easy to spot. Most people will look at that and be a bit skeptical.”
But some scammers are more sophisticated, going to great lengths to steal information. “We started seeing some phishing emails that were made to look like official emails and CDC emails that had guidelines for protecting your staff,” Howell said. “If you clicked on the link you got ransomware or were directed to a website where you had to log in and create an account. Many people use the same password for multiple accounts, which is one of my pet peeves. The scammers have a fairly good chance of harvesting a good password that they can use to access your other accounts if you share your email.”
The scammers’ main target, Howell said, is to install ransomware or steal bank information. “There are emails that purport to be from the Small Business Administration or a practice’s bank that state they are trying to get people to sign up for the Paycheck Protection Program, things like that,” he says. “Instead of asking for them to log into the bank, they ask for them to enter information like their federal tax ID number, their bank account, and routing number, those kinds of things.”
Internal
Sometimes, fraud and embezzlement occur from within the practice and it’s often a person in the practice the owner least expects. Karen Marshall of Vero 3 Consulting says, “Usually, the offender is a trusted employee who has been with the doctor for a long time. This person is the boss’s right hand and the boss trusts him or her with the business, thinking there is nothing to worry about. That's usually where you find a problem.”
Employee fraud can be very simple, such as pocketing a cash payment, or it can be very complex and devious. “These people can be very creative, such as not giving patients a receipt, doing adjustments, deleting payments, putting credits on the account days, weeks, or months after the original transaction,” Marshall said. “Whether a patient pays with cash, check, or credit card, these people can get pretty crafty with how they take that money yet still make it look kosher. It takes digging into the software to find that out.”
Where cracks in an employee’s embezzlement plan become apparent is when their routine is disrupted. “Usually things start unraveling when a new employee comes on board, and red flags appear,” Marshall observes. “There are processes in the front office that these people don't want anyone else to know. They want to keep new people at arm’s length. They don't allow them to get too close and then risk being found out. Maybe the new employees are a little savvier and things don't look quite right to them. Maybe the embezzler has forgotten to take a step as part of his or her scheme, and maybe a patient is sent a statement and the patient says that he paid. That's where embezzlers are usually found out.”
COVID-19
As practices reopen to regular patient visits, a new opportunity for insurance fraud presents itself, and perhaps it’s intentional, or perhaps it’s not. Something as simple as a claim being submitted improperly can be considered fraud. As practices reopen, they may inadvertently be committing insurance fraud. Now is the time to tighten up systems and processes and make sure your team is properly trained.
“Insurance is complicated, with a lot of steps,” Marshall says. “Here in Ohio, offices are open for full-service dental. There has been some kickback from some insurance companies that are saying an office can't do that elective procedure because not all governing agencies have opened up the entire country to deliver complete dental care. What is that going to look like in the future? Are these insurance companies going to have to pay for these services later? Are practices going to have to resubmit these claims and fight for payment? There's still some confusion with insurance companies regarding how they're going to handle certain things.”
Another source of fraud is how personal protective equipment (PPE) will fit into the reimbursement process. Marshall said, “The American Dental Association is recommending that as an intermediate step, offices should charge for PPE. They can't get the amount of PPE they need and it’s expensive, with the cost between $20 and $25 per appointment for proper PPE. So, if someone wants to be seen during this time, offices are charging for it, collecting at the time of service, and then billing insurance. They should submit the claim for D1999, as the ADA advises. Some insurance companies are currently reimbursing, but the next 60 days will determine how insurance companies will address the additional cost for PPE, whether it’s increase fees or reimburse for D1999.”
It is how practices get reimbursed that may lead to questionable practices. “A couple of insurances are paying a portion of that fee, but the patient may owe the rest of it,” Marshall said. “Let's say you charged $20 and insurance paid $10. Does the patient owe the remainder? Does the patient have a credit on his or her account, or would that remainder be applied to the deductible? Or does the money just get pocketed?”
Now is the time to get on board with insurance reimbursement, posting, and collections. Fraud can come at a practice from many different sources. Some are simple, others are crafty; some come from the attackers on the other side of the world, others from within a practice’s walls. No matter how fraud occurs, it’s up to dentists-bosses to ensure that their practices are not being taken advantage of.
Karen Daw, “The OSHA Lady,” is an award-winning speaker, consultant, and author of articles and CE courses about safety in dentistry. She earned an MBA with concentrations in healthcare administration and business management. After graduation, Daw was recruited from the emergency department to her role as assistant director of sterilization monitoring and health and safety director for the Ohio State College of Dentistry. She draws on her rich background to educate audiences on how to avoid penalties, negative reviews, and stay off of the 6 o’clock news. Learn more about Daw at karendaw.com/.
Editor's note: To view DentistryIQ's full coverage of the COVID-19 pandemic, including original news articles and video interviews with dental thought leaders, visit the DentistryIQ COVID-19 Resource Center.
