FierceHealthcare FierceHealthIT FierceMobileHealthcare FierceHealthPayer
FierceHealthFinance FierceEMR FiercePracticeManagemtn Hospital Impact

Wikio - Top Blogs - Health

Hospital Impact has been ranked one of the top 50 healthcare blogs by Wikio.

Get the RSS Feed


Advertise with us

Contact us

How to mitigate, monitor potential vendor fraud

April 2nd, 2014

by Kevin L. Shrake

If you are a C-suite executive in healthcare, how confident are you that there are no fraud and abuse issues related to your employees, vendors and supply chain transactions? It is typical for a medium-sized hospital to have 4,000 vendors and hundreds of thousands of transactions over the course of a year.

How do we traditionally monitor the validity of our vendors, the integrity of our employees and the accuracy of our transactions?

Normally we accomplish this through a one-time vendor verification that may only require they fill out a W-9 and perhaps check their certificate of good standing. Then there's the normal check and balance of authorizations along with monitoring by an internal audit department, culminating with an annual external audit for the purposes of verifying the accuracy of tax filings and other required governmental reports.


Not every best practice resides in healthcare. Other industries have been using a forensic set of protocols tied to a series of critical databases that allow for continuous monitoring of risk.

Who Has Risk?

Ignorance may be bliss but the government states that lack of knowledge is no excuse. If you are found doing business with someone on the government sanction list, you're subject to fines reaching up to millions of dollars. Even if you monitor those lists once a month, changes occur daily that create risk. Not only is the institution at risk, but the government can hold executives as well as the board members personally responsible.

Arrogance may be bliss, but every organization in the country has some level of fraud and abuse, or just simply errors, in regards to their employee relationships and vendor master file. Assuming you have "everything covered" can be a very dangerous and costly mindset.

A Telling Statistic

Experts in the area of accounts payable risk management estimate 1.6 percent of a healthcare facility's vendors are companies you should not pay for one reason or another. In the majority of the cases, there is no product or service being delivered. If you have a method to identify those vendors and eliminate them, major cost avoidance moving forward can be realized.

Let's do the math. A typical medium-sized hospital has 4,000 vendors. Using the 1.6 percent benchmark means you should avoid doing business with about 64 vendors. A typical average annual $30,000 expenditure per vendor equates to $1.92 million in potential cost avoidance.

Importance of Taking Action

Healthcare executives have major incentives for taking action:

  • Recover cash from simple errors
  • Avoid fines through diligent monitoring
  • Discover and eliminate conflicts of interest
  • Avoid fraud and abuse costs, and even jail time, through proper discovery

Best Practices for Fraud and Abuse

Hospitals and healthcare systems should:

  • Have a process to validate current vendors as well as all new vendors moving forward.
  • Have the ability to identify relationship connectivity between vendors and any current employees for reasons of potential conflict of interest.
  • Continuously monitor multiple government sanction lists to assure organizations are not doing business with a vendor or employee on one of the lists. The lists change daily, so periodic spot checks are not best practice.
  • Create a risk management system for all credit card or virtual card transactions. This includes e-payables, fleet cards, travel cards or purchasing cards. This allows organizations to maximize cash rebates from those programs while mitigating risk.
  • Have a continuous, automated product recall process that identifies recalls and facilitates communications and actions related to managing those recalls.
  • Have the ability to quantify cash recovery and cost avoidance that leads to direct margin improvement as a result of the monitoring efforts.

In Summary

Errors, fraud and abuse exist in every organization regardless of the industry, and healthcare is no exception. Existing protocols to mitigate risk are inadequate and illustrated by numerous stories where people figure out how to circumvent the system for their own benefit.

C-suite executives, board members and the organizations themselves are all responsible for identifying and eliminating fraud. No system is perfect, but many of the best practices in this area come from outside of healthcare. When evaluating systems, adherence to the best practice characteristics listed in this blog post should provide for the highest level of safety, best cash recovery and cost avoidance opportunities, and lowest risk in relation to potential governmental penalties or fines.

Kevin L. Shrake ( is a 35 year veteran of healthcare, a fellow in the American College of Healthcare Executives and a former hospital CEO. He currently serves as the Executive Vice President/Chief Operating Officer of MDR™, based in Fresno, Calif.


Get Hospital Impact in your inbox!

List in Marketplace | Supplier in Marketplace