The Estonian Health Insurance Fund's (EHIF/ Eesti haigekassa) control activities fail to systematically prevent or detect the misuse of health insurance funds, the National Audit Office said in its latest audit report.
The audit, carried out by the National Audit Office and released on Wedesday, assessed whether the Health Insurance Fund is able to prevent or detect the misuse of health insurance funds and if it reacts accordingly, in case of suspicion or detection of the misuse of funds, and imposes sanctions where required.
The report showed in several cases, the EHIF had not fined healthcare providers who had been caught committing fraud, larger fines are needed and better digital solutions.
In 2019, the Estonian Health Insurance Fund paid €991 million for 10.7 million treatment invoices. In addition, the costs of medicines and medical devices totaled nearly €177 million. As a result of control activities, a total of over €400,000 was reclaimed from service providers in 2019.
The National Audit Office is of the opinion that in case of fraud, the fund must impose a larger fine and terminate the contract to give healthcare providers a clear message such behavior is unacceptable.
When fraud was detected, contractual penalties were applied only a few times during the audit period and were relatively small. The two largest contractual fines amounted to €5,000 each, representing 0.22 percent and 0.0076 percent of the turnover of the fined service providers.
When detecting misuse, including fraud, the fund has not acted quickly to punish institutions, but has limited its actions to reclaiming the money for incorrect treatment invoices. The EHIF said it is difficult to distinguish fraud cases from errors, and prompt and high contractual penalties can jeopardize the continuity and availability of services, especially in a situation where there are few market participants.
Auditor General Janar Holm said in a statement: "According to the EHIF, they use a flexible approach and fine partners only when absolutely necessary. Unfortunately, we know from previous practice a case where a triple violation did not lead to necessary punishment.
"Moreover, following the next procurement, EHIF increased the volume of health care service provided by the repeat offender."
Holm recognized the fund for taking a more decisive approach to responding to violations over the past year and a half.
"I understand that EHIF is also in a difficult situation where stricter penalties can stop a healthcare service in an area, for example, and there is no provider who would want to take it over," Holm said, referring to wider problems with the healthcare system. "Human errors are understandable, however, deliberate deception cannot in any way become acceptable due to the circumstances."
The National Audit Office found the number of more thorough or targeted controls of treatment invoices should be significantly higher than it currently is. All treatment invoices submitted to EHIF are subject to automatic checks to prevent simpler errors and fraud, but the audit showed only a small proportion of treatment invoices pass a more thorough check - a comparison of treatment invoices and medical records (such as a medical history summary), which is called targeted selection.
In 2019, only 0.04 percent of treatment invoices were checked thoroughly, that is under targeted selection, which is less than 4,000 invoices per year,
while the total number of invoices in that year was 10.7 million. The National Audit Office finds that with such a small number of invoices passing targeted selection, serious misuses remain undetected.
Comparing treatment invoices and medical records one by one is a labor-intensive activity, which is why EHIF has carried out less targeted selections in recent years than before. At the same time, EHIF has set itself the goal of using data analysis and machine training to better target these controls.
The National Audit Office recognized EHIF for these innovations, but finds that as long as these methods are still being under development, the volume of records to be audited should not decrease. It is also important to move towards the development of automatic comparisons between treatment invoices and medical records in the health information system in order to save labor and to be able to control more treatment invoices.
The National Audit Office finds that it is necessary to create more convenient conditions for patients to assess the correctness of a treatment invoice. Many frauds can only be detected with the help of patients - for example, situations where a more expensive service is billed than actually provided, or the patient has not received the service at all. If the treatment invoice and medical records contain the same information then EHIF has no other means of verifying the correctness of the invoice
Since 2016, patients have had access to their treatment invoices in the patient portal and they can see the services provided as well as the funds spent. So far, the number of people who have viewed their treatment invoices is low - in the first half-year of 2019, an average of approximately 8,900 people per month, which is 1.9 percent of the people who received healthcare services in the same period.
In order to facilitate access to treatments invoices, the EHIF should launch an application which informs the person, for instance by SMS or e-mail when the treatment invoice for their visit is available on the patient portal. It should also be easy to give feedback to EHIF on the same portal.
The National Audit Office believes the exchange of information between the Health Insurance Fund, the Health Board and the State Agency of Medicines was poor during the audited period. In order to plan controls on service providers more effectively, authorities should systematically share observations and monitoring results with each other, but this is not currently the case.
The National Audit Office recommends the EHIF introduce a so-called information technology desktop - a solution where the audit results of all institutions would be displayed in one view.
In addition, EHIF should also use data from external registers to set up automatic controls. For example, the validity of an activity license of a healthcare provider is not verified because this specific register is maintained by the Health Board.
Therefore, a situation may arise where EHIF pays for treatment invoices submitted by an unlicensed service provider because EHIF is not aware there is no activity license. During the audit, the National Audit Office also discovered a similar case.
The National Audit Office found the EHIF started clarifying the risks of fraud only after major frauds were discovered in 2017. It started after allegations of fraud were reported in the media. However, a clear progress can be seen. While fraud risks were initially included in risk management documents in general terms, since the end of 2019, fraud risks have been classified by activities and responsibilities.
"Complicated risk assessments or software developments are not always necessary to detect a fraud. Problems often present themselves and simply need to be addressed more thoroughly and systematically," the auditor general, Janar Holm, said.
An analysis of the complaints submitted to EHIF revealed that EHIF had checked all the cases identified in the patients' complaints. The National Audit Office found that in some cases the complaints could refer to a broader problem, but EHIF only controlled the treatment invoices in a specific complaint.
For example, the patient reported that on the patient portal it said that the patient with their family had received services ten times between 2014 and 2016, but that they had never actually used those services. EHIF reclaimed the money paid for these ten invoices back from the institution, but did not further control the institution's activities.
Editor: Helen Wright