Has your practice ever experienced internal theft? Respondents to surveys by the American College of Medical Practice Executives (ACMPE) and Medical Group Management Association (MGMA) reported that 68 – 82% of practices have been victimized by employee theft or embezzlement. Further, the Association of Certified Fraud Examiners has conducted surveys indicating that organizations lose approximately 5% of gross revenues to fraud, waste, and abuse annually. Are you taking practical, easy and cost-effective steps to protect your practice?
In most internal frauds, an employee needs motive, opportunity, and an ability to rationalize the action. While you can't control motive and rationalization, you and your Practice Management (PM) System can limit opportunity. By evaluating and strengthening your internal control system, you can limit your exposure to losses from fraud.
ESTABLISH SECURITY GROUPS AND PERMISSIONS WITHIN YOUR PM SYSTEM
- Confirm that you are taking full advantage of your PM's security groups. Categorize your staff (front desk, technicians/nurses, billing department, physicians, etc.) and consider what permissions each group should have.
- Some questions to consider:
- Which users should have access to financial records?
- Which users should be able to delete claim information or payments?
- Which users should be able to edit data that has already been entered?
- Which users should be allowed to write off balances or create insurance adjustments?
STRENGTHEN CASH MANAGEMENT POLICIES
- Medical practices often have a great deal of cash moving
through them. Ensuring that you have strong cash management
policies will reduce the possibility of an employee embezzling
money without your knowledge.
- Cash Receipts - Require all patient payments to be captured in the PM System and generate receipts for patients. On a daily basis, reconcile the PM System's cash receipt entries with the cash box and the ultimate bank deposit. Require a manager or supervisor sign off on the reconciliation.
- Petty Cash - Consider separating petty cash from a change fund
to make change for patients. Keep the change fund at a consistent
dollar amount each day and balance out the drawer at the close of
business.
Keep petty cash locked in a secure place and maintain a log to account for the movement of money through petty cash. Establish rules about which employees can access petty cash and be consistent.
RUN REGULAR REPORTS
- Use the reporting functionality of your PM System to confirm that all encounters for the day have been posted and "closed."
- Reconcile bank statements to the financial reports from your PM System. If the numbers do not match, investigate and determine why.
- Track adjustments and write offs to understand normal patterns so that variations can be more readily identified.
SEGREGATE INCOMPATIBLE DUTIES
- Whenever possible, allocate financial responsibilities among several employees so that the physical custody of assets (i.e. patient payments) is maintained by employees who are not responsible for the accounting over those assets. Additionally, it is best if the authorization of financial transactions is the responsibility of an individual having no access to either the physical assets or the accounting records. As an example, the employee that physically collects and deposits patient payments should not be the same employee who is responsible for the entering of transactions in the practice's accounting records.
Theft in medical practices is all too common. However, there are some relatively simple policies and procedures that can be adopted to limit your practice's exposure to fraud. Don't become another fraud statistic!
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
