ATLANTA-Among the many ways a risk manager can help save a health care institution money is by finding and eliminating fraud before the government does.

To do so, a risk manager has to be able to recognize non-compliance with federal Medicare, Medicaid and CHAMPUS laws, and with state and federal laws related to private health insurance, according to Nanci L. Danison, a Columbus, Ohio, attorney who represents health care providers.

"As a risk manager, if you're going to be saving your institution money by sniffing out fraud before the government does, you're going to be sticking your nose in everybody's business," Ms. Danison said last month at the annual conference of the American Society for Healthcare Risk Management in Atlanta.

Corporations can be held liable for criminal or civil health care fraud violations, Ms. Danison noted. Cases prosecuted to date have cost health care institutions hundreds of thousands of dollars in fines, while those involved in the schemes have gone to prison.

"Kickbacks" are a common source of health care fraud, Ms. Danison said, involving money or something of value or a benefit going to one party in exchange for patients or business.

"Something of value" could be simple things such as a fax machine provided to a physician or a free parking space at the hospital "if it induces the physician to send patients to your hospital," Ms. Danison said.

"If a transaction just doesn't make any sense," it should be a tipoff to a risk manager that it might be a kickback, the attorney said.

Kickbacks can involve contracts for goods and services, Ms. Danison said. "But nobody calls it that anymore. It's a 'value-added service.' "

Those can include discounts and rebates, free goods or services or personal service contracts for consulting work that does not require the expertise of the person under contract.

Space or equipment leases are another area with kickback potential, and risk managers should look for any situation where lease rates may be calculated with an eye toward the number of patients referred.

"Partnering-that's a big place to look for kickbacks," Ms. Danison said. A risk manager suspecting fraud should look for partnerships financed largely by one party to get business out of the relationship.

Other possible danger areas are situations in which a vendor is sponsoring seminars, luncheons or patient activities or is solicited for charitable contributions. "Don't use the hospital vendor list to make cold calls," Ms. Danison said. "That's going to be looked at as a kickback."

Research grants "have to be real," she noted. "No research grants with piles of discretionary funds or where you get to keep what's left over after completing the research protocol."

Low-interest loans made by anyone other than a bank or lending institution to a health care provider should be another red flag to a risk manager.

Health care fraud stemming from false claims "is where big bucks are made by the government," Ms. Danison said. "These are where the treble damages are paid. This is where the government also watches you do it for year after year after year and then they finally say, 'Got ya!' "

One false claim pattern that should immediately tip off risk managers is dealings with anyone who promises he or she can enhance the institution's revenue through reimbursement increases or new sources of reimbursement.

Other false claim scenarios are billing for services not provided or undocumented services or billing for services provided by unlicensed or non-qualified Medicare or Medicaid providers.

"Don't bill for stupid things," Ms. Danison said.

Recording uncovered services as covered ones or "upcoding"-raising the level of the service code such as performing a double bypass and billing for a triple bypass, for example-are other fraud areas to guard against.

Another is billing separately for services Medicare links in global or bundled codes, an area that requires particular vigilance from a risk manager because those groupings are constantly changing, Ms. Danison said.

"You've got to watch Medicare," she said. They'll bundle all sorts of things together that don't make any sense."

Double-billing, billing for medically unnecessary devices or billing for services not covered in that facility or locally are other fraud avenues, as are false cost reports-inflating patient costs by including non-Medicare or Medicaid costs or kickbacks.

"All the things in Medicare or Medicaid have some corollary in private insurance fraud," Ms. Danison noted. But, she said, "The primary tool in (prosecuting) private insurance fraud is mail or wire fraud."

Prosecutors have won health care fraud convictions for coding non-covered services, such as cosmetic surgery, as covered services, such as reconstructive plastic surgery; billing for brand name drugs when dispensing generics; or submitting claims for services that were never provided.

Ultimately, Ms. Danison's advice for risk managers regarding health care fraud is to "Find it and fix it."

Risk managers can do attorneys' legwork and serve as expert witnesses, she said, though cautioning: "As soon as you smell something real bad, call your attorneys. When you don't have the attorney/client privilege attaching to what you're discovering, it's all discoverable."

Risk managers also should heed early warning signs, such as patient complaints regarding billing or employee complaints about billing or contracting.

"If an employee complains, jump on it and fix it, because the next thing they're going to do is go to the government," Ms. Danison said.