Do You Have a Healthcare Fraud Prevention Strategy Ready for COVID-19?

Do You Have a Healthcare Fraud Prevention Strategy Ready for COVID-19?

Artificial Intelligence allows health plans to more nimbly address FWA while reducing false positives

To make an obvious understatement, the new coronavirus (COVID-19) pandemic is an event like we’ve never seen. While essentially the whole country is shut down, the healthcare system is both slowing and accelerating at the same time. All of us in the FWA business know that 99.9% of providers are working tirelessly to treat affected patients, calm those with symptoms, and manage an unprecedented healthcare event. At the same time, both intentional and unintentional changes may spur a spike in healthcare fraud, waste and abuse.

I have recently seen personal examples of how changes to treatment and patient care during this time will change, with both my primary care and multiple specialists moving to Telehealth visits.

You have probably already seen that the Department of Health and Human Services (DHHS) and the Center for Medicaid and Medicare Services (CMS) have eased some of the coverage and benefit restrictions for many enrollees to allow for less administrative issues on the part of providers as well as quicker time to treatment. The Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020 (§H.R.6074) was signed into law on March 6 along with authorized federal spending to help with the pandemic. There are several aspects to the bill but perhaps most pertinent to the SIU involves the ability for the DHHS secretary to temporarily waive certain Medicare requirements for Telehealth services.

Foremost among the Telehealth changes (Telehealth Services During Certain Emergency Periods Act of 2020) that initially affect Medicare beneficiaries by allowing more lenient guardrails around Telehealth include:

  • Waiving originating site (such as hospital, physician office, etc.) and the geographic requirement
  • To qualify for the waiver, the provider must have treated the patient within the past 3 years or have been in the same practice as a rendering provider
  • Telehealth patients can use their Smartphones to receive the Telehealth visit

Medicaid changes and reimbursement will, obviously, be on a state-by-state basis, but several U.S. House Representatives are requesting their states relax Telehealth requirements similarly to CMS. We are already seeing some of our commercial payer customers changing Telehealth reimbursement (CPT 99201-99215; HCPCS G0425-G0427; G0406-G0408; G2012, G2010) to reflect a typical office visit (CPT 99210-99215). In addition, we should expect that not only will many commercial plans duplicate the CMS recommendations, but we should expect some copays may be waived as well.

If some estimates are accurate, as much as 80% of the visits in the coming weeks and months will be via Telehealth. Therefore, payers need to be prepared to identify not only potential fraud, waste and abuse, but also to recognize when the encounter is a false positive due to the pandemic.

Because our Pareo Fraud solution incorporates multiple layers and scoring modalities, there are 4 primary areas where AI can assist in quick and accurate recognition.

Look at more than a just query of CPT, ICD-10 codes

If you’re using only a rules-based system for detection, queries into codes alone will show a limited range of views into an encounter and, more importantly, a trend. Since the pandemic is, by its nature, time-based and characterized by specific symptoms, a multi-faceted view is important.

An example of this would be using Artificial Intelligence to dig deeper and wider to look at metrics such as specialty, dates of service, patient acuity, and past treatment history of the individual patient in coordination with each other. The model then compares like providers based on those metrics, as well as like patient history, past SIU history of the provider, and other key indicators. The model continues to learn and evolve as the system reviews more claims so what might not be a trend today, could be recognized as one tomorrow. This helps SIUs instantly recognize an issue and take immediate action.

Spikes in volume from week-week, month-month, especially with highly likely specialties

Monitoring spikes in claim volume based on dollars paid or number of unique patients is always important and common among most SIUs. But COVID-19 identification and treatment are moving so fast that it may be difficult to keep up with a spike. Therefore, your detection should be able to determine what was “normal” at what points in time, when did it become “abnormal” and for how long. This may seem like a retrospective approach, but AI enables you to simultaneously look at historical normal, recent and current spikes, and predict what the “new normal” should look like.

The AI models in Pareo Fraud combine the time frequency, frequency of codes billed during the time frame, volume and frequency of length of time that the provider has been seeing the affected patient population, any previous payment integrity audits on the codes, and others. As of March 13, 2020, the AMA created a new CPT code to help streamline Coronavirus testing, so the utilization of dates and billing frequency becomes even more important.

Scope of Practice and Specialties

Most states have requirements around Telehealth and who can provide these services. The medical boards of 49 states, plus those of the District of Columbia, Puerto Rico, and the Virgin Islands, require that physicians engaging in telemedicine be licensed in the state in which the patient is located. Twelve state boards issue a special purpose license, telemedicine license or certificate, or license to practice medicine across state lines to allow for the practice of telemedicine.

However, the symptoms of coronavirus may not be the virus itself but, instead, other illnesses such as flu, bronchitis, pneumonia or simply a common cold. This lack of clarity makes identifying actual COVID-19 cases and legitimate testing and treatment difficult to differentiate from a provider trying to take advantage of the system. Paying careful attention to the specialty of the provider, combined with their history and the patient’s history is important.

The AI models in Pareo Fraud can combine the following to help identify excessive coronavirus testing and treatment outside of the normal:

  • Specialty. We should expect to see, with varying degrees of frequency, all primary care, Pediatrics, ER, Pulmonology, Allergy & Immunology, Infectious Disease
  • Dates of service. When did billing for the common coronavirus CPT and ICD-10 codes start, peak and tail off?
  •  Geography of the provider’s patient population
  • Peer-to-peer analysis of provider vs. same specialty
  • Place of Service to determine ER, hospital, office, Telehealth or elsewhere.

Again, these metrics are incorporated into a single model and, when combined with other AI models, give a fuller picture during a specific time frame (the pandemic).

What about false positives?

Dealing with false positives will always be a challenge when fighting healthcare fraud, waste and abuse. Due to the extreme nature of the coronavirus outbreak, severity of symptoms and overall lack of testing equipment, there is still the concern of people flooding the healthcare system when even just one of the many COVID-19 symptoms are present. This will create enormous volumes of claims that are at least somewhat related to the outbreak. So how does an investigator differentiate from a concerned patient and a diligent provider versus a potential suspect?

By using the AI models described above, much of the differentiation can be accomplished within the technology itself, before an investigator must make a judgment call. Because of the self-learning nature of the models, they can determine a one-off from a trend, and look at multiple dimensions of providers, members, claims, and overall encounters during a finite (hopefully!) period. This helps alleviate inconveniencing a provider about legitimate claims and focus on the those trying to take advantage of a once-in-a-lifetime situation.

Let’s hope that this is a temporary challenge but also be vigilant in helping those who need it while identifying those trying to profit off some very trying times.


Talk to ClarisHealth about your fraud initiatives and how Pareo® can help.

Try Before You Buy: A bottom-up approach to health plan technology adoption

Try Before You Buy: A bottom-up approach to health plan technology adoption

Why flipping the script on enterprise software is the future of digital transformation 

Have you ever tried a piece of technology at your health plan before it was adopted by the broader organization? Think about solutions like MailChimp, Survey Monkey, Slack and Zoom. Even in our highly regulated industry, many of these tools are in place. And, more often than not, the path to adoption started with a trial by a small group of end users, without budget approval or a lot of red tape. Either by trying the entire ecosystem for a limited time, or by testing limited functionality, all for free. 

Now, you may be wondering how these consumer-facing, relatively low-cost examples apply to enterprise software, and it comes down to end users. No matter how “big” or “small” a solution, if it’s not adopted by end users, its benefits will elude your organization. In fact, end user adoption is arguably more critical to the success of broader digital transformation initiatives than edicts from the top. In McKinsey research on internal change management, they found that “when people are truly invested in change it is 30 percent more likely to stick.” 

When your health plan invests resources in new technology, increasing the odds of success holds serious appeal. One surefire way to get end users to embrace digital change is to involve them heavily in the selection process. We’ll cover the benefits in depth, but first a couple of definitions. 

Freemium and Free Trial

Modern technology vendors that offer opportunities for users to vet their solutions tend to pursue one of two paths. 



The basic solution is always free forever while more advanced features, additional users, custom configurations, high number of exports, etc. are reserved for paid plans.


Free Trial

The full solution is offered for free for a limited time. Not to be confused with sandbox demo environments, free trials enable users to input their own data and use the application as they would upon full adoption, activity that is preserved upon upgrade to a paid plan. 

No matter the path to bottom-up technology adoption, the end users and the organization are able to realize significant benefits. Let’s explore the five most important reasons to support end user trials of technology. 

Establish Trust 

Especially useful if your health plan is considering a solution provided by an unproven or unfamiliar vendor, testing what it’s like to be a client provides valuable information that you can’t get another way. During this test period, you’ll be able to answer key questions: 

  • What is the customer support experience like? 
  • How easy is it to get started with the product? 
  • Do I like working with this company and its people? 

Getting input from other clients of the vendor may predict some of your experiences, but every situation is unique. There is no substitute for firsthand knowledge. This mitigates the risk health plans take when they evaluate a SaaS technology solution through a traditional RFP process. It’s hard to take every factor into consideration, and trying to do so in one RFP will often solicit unwieldly amounts of information from a health technology vendor. Instead, trying before buying may answer unknowns, inspire better questions, and uncover hidden value. 

Prove Value 

It’s all too easy for a vendor to make claims that aren’t entirely representative of the reality. Not because we strive to be intentionally misleading – quite the opposite. Rather, vendors’ abilities to assure your specific value is limited to application data and anecdotal evidence from analogous health plansThink about how you might request a proof of concept from a vendor in a traditional technology evaluation and purchasing model. That proof of concept confirms that a solution works for organizations like yours.  

On the other hand, when a vendor offers their solution for actual use, you are able to prove that value for youIn addition to your health plan’s long list of feature/function requirements, this opportunity to explore your exact path to ROI is invaluable. As we wrote in a previous article, the benefit lies in transparency. “Lack of access to broader, contextualized data may limit your ability to see ‘big picture’ challenges you need to solve, which can strangle the potential of you and your staff members.” Trialing a solution with end users breaks down that barrier. 

How Other Industries Handle Technology Buying Decisions

Applying the Freemium concept to health plan SaaS technology may seem novel, but other industries do this regularly. Borrow these tried and true strategies from outsiders and apply them to your technology  adoption process   

  • Secure proof of concepts from multiple vendors. 
  • Ask for departmental demos – ensure the technology vendor that you are evaluating has the right expertise by narrowing your scope. 
  • Utilize a freemium environment to trial and error functionality. Follow up with your account rep to answer outstanding questions. 
  • Ask for solutioning plans to solve pressing problems, rather than broad lists of feature/functionality. Request vendor training resources, implementation specialists and product account owners be on calls with your team as you progress through the buying process  
  • Don’t be afraid to ask questions – as often as needed 

Determine Usability 

If proving value is important to organization-wide goals, usability makes it more likely you will get there. Usability affects end users most acutely and, as a metric, can’t be established outside of using the product. You can measure usability with as few as 3-5 users completing a set of tasks, based on the following metrics: 

  • Success rate 
  • Time to completion 
  • Error rate 
  • Users’ subjective satisfaction 

Any product that lacks usability wastes time and energy – both the organization’s and the end users’ -so an opportunity to interact with the solution in the real-life setting is a bonus. In fact, it only behooves vendors to offer a freemium or free trial of their solution if the “product sells itself.” Meaning, intuitive solutions that are relatively simple to self-serve given a reasonable baseline of knowledge. Users are unlikely to pay for a solution they know to be substandard, given the choice. 

Move Faster 

Why is the path to adopting enterprise technology solutions so slow? Your health plan, like any large organization, can’t afford to get it wrong. The time and money that go into evaluating, selecting, implementing, training and using a new system must yield significant improvements, and proceeding deliberately should mitigate unwelcome surprises. 

But doing your due diligence doesn’t have to mean moving at a glacial pace. Hands-on access to a solution before your health plan makes a long-term commitment allows you to address concerns more quickly and authoritatively. And, should you decide to move forward with an organization-wide implementation, those early user experiences provide insights for broader adoption. Informing you of lessons learned on workflow and where to concentrate training, for instance, so you can realize ROI more quickly. 

Minimize Risk 

Organizations tend to delay taking on a new technology solution until the current pain outweighs the potential risk. These potential benefits of a low-commitment opportunity to try software before you buy it all add up to minimizing your health plan’s risk. By establishing trust in your vendor, proving solution value, and confirming usability up front, you can position yourself to avoid roadblocks and make a more informed decision. 

Additionally, delays on new technology implementations may occur if your health plan does not have adequate buy-in or designated project resources. A freemium model allows user groups to engage with the technology and become in-house SMEs ahead of a full implementation, meaning that your health plan will have knowledgeable internal resources at its disposal – a move that should make your implementation all the smoother! 



Talk to ClarisHealth about your fraud initiatives and how Pareo® can help.

Health Plans: Take These 4 Steps to Comply with New Information Blocking Rules

Health Plans: Take These 4 Steps to Comply with New Information Blocking Rules

Now that the rules promoting interoperability have been finalized, here’s how payers can prepare to take full advantage of the freer exchange of healthcare data. 

On March 9, 2020, the two separate rules issued by CMS and ONC against Information Blocking became final. The administration lauded the release by touting the consumer benefits: “Americans will now have electronic access to their health information on their smartphone if they choose.” While that impact is undeniable, health plans, on the other hand, likely have a more pressing near-term question, “Now what?”

As we wrote in our last article on this topic, just over 40% of health plans report progress on interoperability, which leaves some work to do. One industry leader echoes concerns about the complexity of complying with the rules in a recent comment. “In the near term, information is going to be messy and incomprehensible, for the most part, but over the long term, it creates a dynamic where access is the first step to be able to do something important with the data.”

With that very astute observation in mind, we have outlined a 4-step plan for health plans to move forward during the “messy” beginning and make progress toward the actionable data goals of interoperability.

1. Get important stakeholders on board

If you haven’t done so already, your first step should be to form a steering committee made up of knowledgeable contacts from affected areas of the health plan: privacy and security officers, compliance, IT, finance, member support. Their input will be invaluable as you assess your current state of readiness.

The team can collectively identify: 

  • Where all electronic health information is held within the organization. List all systems and the type of information each contains. Go deep and wide to corral everything that could possibly fall under this broad definition, as well as to set yourself up beyond compliance toward strategic advantage. 
  • Policies and procedures that address information sharing. Includes HIPAA compliance, IT policies, and internal agreements covering confidential and proprietary information. 
  • What workflows have been implemented to accommodate EHI requests. Includes how they are processed, who reviews, turnaround times, security tests, and any documentation around these processes.

2. Highlight barriers to compliance

While your team assesses the current state of affairs, they are bound to find roadblocks keeping your health plan from sending and receiving EHI in a timely manner. The look-back period for consumer inquiries is 5 years, including for members who have changed plans. Can you aggregate and return information to members within 1 to 2 days?

Technical challenges are the most likely barriers that health plans will have to grapple with. Of note, the myriad of disconnected systems that house EHI. Consider initiating a trial request to send and receive information on a tight turnaround and evaluate your success along the way. 

You’ll want to look for potential blind spots now, before it’s an emergent situation. For instance, if you’re able to accommodate the request, but in doing so, it sidelines key personnel from their primary work functions. Or, maybe the process falls through a communication gap — either internal or with a third-party. Perhaps it’s impractical to retrieve information from systems at all. Document any obstacles.

3. Make a plan

Your audit to reveal the current state of your organization’s ability to share EHI likely highlighted some known quantities as well as a few surprises. The next step is to make a plan to overcome those gaps in communication and technical requirements.

Communication. Initiate new internal processes, and amend contractual agreements with third-party vendors and business associates and providers, if needed. The EHI ecosystem is vast, and eliminating information blocking will require these relationships to evolve accordingly. 

Technology. The ONC rule provides more specifications on the technical side. The finalization of these rules could finally urge all healthcare stakeholders to settle upon the normative version of FHIR (v. 4) to standardize APIs. We have written before how APIs promise to help connect our disconnected systems and promote information sharing. A great deal of patient healthcare claims information has already been made available through open APIs, with more planned; it’s only a matter of being able to receive that information. Because your adjudication and processing systems likely use the EDI X12 standard, you may have to support both for a while.  

Image source

In addition, new algorithms, analytic capabilities, blockchain and machine learning (ML) capabilities can help parse unstructured data, deal with increased data volume, and otherwise unlock the value of the data.  

4. Communicate about your progress

This rule demands transparency, so start by communicating openly about your progress with internal stakeholders as well as providers, service suppliers and technology vendors. Opening the lines of communication is essential to breaking down the work silos that hinder interoperability.

Also, consider getting involved in the FHIR community, by piloting and testing at connectathonsThe process may not be as onerous as you imagine; providers and health plans alike have been pleasantly surprised by 90-day infrastructure compliance timelines. Communicating with the governing body for future-ready standards and exchanging best practices with like-minded stakeholders promises to move the entire industry forward. 

Bottom Line: The Carrot Before the Stick

If your health plan maintains their focus on the benefits to members, progress towards your strategic goals are sure to follow. According to Don Rucker, M.D., national coordinator for health information technology, “A core part of the rule is patients’ control of their electronic health information which will drive a growing patient-facing healthcare IT economy, and allow apps to provide patient-specific price and product transparency.” 

While penalties for information blocking have yet to kick in (the stick), the strategic advantage carrot is particularly enticing. The U.S. healthcare system has been “promoting interoperability” for years, and the finalization of these rules finally codifies the standards that enable that goal. Now is your opportunity to fully embrace advanced technology and the freer exchange of health information to enhance care coordination, lower costs and improve outcomes.   


Talk to ClarisHealth about your fraud initiatives and how Pareo® can help.

Diving Deeper into Healthcare Claims Audits: Part 1 – Auditor Workflow

Diving Deeper into Healthcare Claims Audits: Part 1 – Auditor Workflow

The first installment in a multi-part series aimed at clinical auditors. Part takes a closer look at 5 trends impacting how health plans manage claims auditing today.

Claims auditing. It’s the core function of any health plan payment integrity operation. Ensuring healthcare claims are paid accurately, both prepay and post-pay, requires claims auditors to determine the correct party, membership eligibility and contractual adherence, as well as detect and prevent fraud, waste and abuse. It’s a tall order, and numerous obstacles stand in the way of performing this task efficiently and effectively. 

In this first installment of a three-part series, we explore the landscape of a claims auditor’s day-to-day, including new challenges and opportunities and how current solutions stand up to these changes.  

Here are the top 5 trends we have identified that impact payment integrity claims review and validation. 

1. Moving Prepay

Long an unattainable goal, health plans are now making significant moves to transition claims recovery to an internal prepay model. Claims auto-adjudication systems are a good first step to achieving this goal, but lack of data visibility throws up major barriers to health plans endeavoring to make real progress. 

Too many health plans lack dedicated data science resources to develop and test sufficient prepay concepts. And, even if they have insights on their most successful post-pay concepts, there may be no ability to store those and apply them prepay. For health plans that have implemented technology, unless those systems seamlessly integrate, achieving significant cost avoidance is difficult. 

Altogether, these manual processes and tight turnaround times add up to pay-and-chase, a prevalent and unsustainable way of processing claims that auditors alone have little power to impact. 

2. Working Strategically with Vendors 

While some health plans completely outsource their claims recovery efforts to service vendors, and others aspire to internalize 100% of those activitiesa blended approach likely yields maximum recoveries at the most optimized cost. Provided your health plan has efficient and transparent methods for communicating, preventing overlap, and evaluating results with vendors. 

Unfortunately, managing suppliers with spreadsheets, status emails and quarterly business reviews keep vendors and internal auditors at odds. To get the most out of your vendor partnerships for claims auditshealth plans need to find effective ways to ensure mutual value: 

  • Share goals 
  • Communicate clearly and consistently 
  • Set expectations on service level agreements, contract terms, etc. 
  • Pay on time 
  • Train vendors on your processes and seek to understand their business, too 
  • Ensure accountability – on both sides 
  • Hold meaningful strategy sessions rather than status updates 

Types of Claims Audits

Claim edits focus on service dates, revenue codes, procedure codes, modifiers, type of bill, units of service, diagnosis, member eligibility, historical claims data, medical necessity, and more 

  • Non-Covered ServicesAccording to Plan Policy
  • Authorization (Days, Level of Care, etc.) 
  • Procedures/Charges 
  • Duplicative Procedures/Charges 
  • Coordination of Benefits 
  • Insurance Liability and Recovery (Subrogation) 
  • CMS National Coding Correct Initiative (NCCI)
  • Medicare Procedure-to-Procedure (PTP)
  • Medicare Add-on Code Edits
  • CMS Professional Component/Technical Component (PC/TC)
  • CMS Global Surgery

3. Minimizing Provider Abrasion 

Health plans are increasingly focused on their provider relationships, not least because members demand a healthy and satisfied provider network. At the same time, claims recovery processes tend to be structured to achieve the opposite, despite auditor best efforts. 

It is hard to link specific language from a provider contract within the claims process if plans are not using OCR technology. And, activities like overlapping medical record requests or requesting full records, just in case, and sending generic letter denials that require significant lift from provider claim departments can undermine these valuable provider relationships by dramatically increasing cost and abrasion 

In fact, recent study found that nearly 1 in 5 providers spend over $500,000 annually on the post-payment audit process, and almost 40% of providers can’t or haven’t calculated the cost. 

The breakdowns in communication that prove costly to providers wreak havoc on health plan bottom lines, too, by minimizing auditor effectiveness and productivity. 

4. Breaking Down Work Silos 

Many of the issues preventing health plans from achieving goals in relation to the trends outlined in this article come down to one simple operations issue: work silosSome of these silos are cultural: multiple departments in a health plan responsible for different areas of claims payment integrity don’t work together towards their common goal. Others are structural: claims auditors using different systems that don’t talk to each other, which can complicate good faith agreements and fail to align teams more closely. 

No matter the source, work silos make it difficult for auditors to get true insights into where inventory is and what claims are being worked, as well as the status of those claims. In this environment, it’s also near impossible to share relevant insights across the organization. 

Transparency is the new business paradigm, especially when designed to empower each stakeholder to offer their maximum value. 

5. Reducing Administrative Burden 

How much time do your auditors spend working claims versus updating spreadsheets and tracking down status updates? For many health plans, working with claims, suppliers, providers and other departments, are all juggled with a collection of vendor, internal and offline systems.  

Manual workarounds that increase administrative complexity prevent auditors from focusing on core jobs. Moreover, these activities can’t be easily reported on, making it difficult for health plans to smartly staff internal departments and confidently evaluate vendor performance. 

Your health plan is not alone. About $330 billion is wasted every year on administrative complexity, or 10% of annual healthcare spending in the U.S. A significant portion of this waste could be addressed with integrative technology to break down data silos, robotic process automation to automate repetitive tasks, and visual reporting to gain a clearer picture of what’s working and where improvements need to be made. 

Next Steps 

In part two of our series on healthcare claims audits we will look at new solutions that have emerged to address these trends headon, solutions that promise to increase auditor productivity exponentially. 



Talk to ClarisHealth about your fraud initiatives and how Pareo® can help.

Should Your Health Plan Build or Buy a Technology Solution?

Should Your Health Plan Build or Buy a Technology Solution?

Flexible solutions offer greater value to health plans

Whether your health plan has decided it has outgrown its manual paper-based processes or existing technology, at some point you will likely ask, “Should we build our own custom solution or buy something off the shelf?” No matter your choice, there will be trade-offs, primarily between cost and control: 

  • Build: more cost, more control 
  • Buy: less cost, less control 

How will you make that decision? Let’s explore the considerations of each.  

“We invested 5 years and $12 million in developing a custom software solution — and it still wasn’t usable.”

CEO, National Health Plan 

To Build: Consider the Costs 

The impulse to build software in-house to answer a company’s technology needs isn’t uncommon. In fact, it’s a very traditional approach. Many companies prefer to keep their business activities under the corporate umbrella, and in some cases there may not be a software solution that suits the unique needs of a particular company 

The build versus buy argument often comes down to core issues, such as cost, proprietary rights, and usability. Before you go down the path of custom development, evaluate the costs of the best-match off-the-shelf solution. Then, take that figure for licensing and implementing that solution and multiply it by 10. If your organization has a successful track record of commissioning custom software projects, this estimate will be reliable. If this experience is lacking, multiplying by 20 is a safer bet. 

To build or to buy? Take the quiz.

Will your custom software development project be successful? Evaluate the best solution for your health plan and gain insights by taking our quiz. 

If you experience sticker shock at these estimates, remember that the developer of the off-the-shelf system is able to amortize the cost of the solution across many health plan clients because that is their core business focus. For health plans, the costs of building software in-house are often misaligned with bottom line figures for many reasons.  

Beware Hidden Costs

It’s not just the cost of development you are taking on when you build your own solution. Often, the costs to implement and manage custom software in-house are not fully considered when the project is initialized. Remember to factor in ongoing and hidden costs related to your custom-built software:  

  • Support
  • Administrative personnel
  • Updates
  • Training
  • Outside experts
  • Technology upgrades
  • Sole responsibility for integrations with third-party applications

While building software internally is the right decision for some, it certainly pays to consider all your options.  

The Cost of Distraction

Many software professionals feel that in-house development offers fewer advantages than purchasing an external solution, due to a hefty “soft” cost that is difficult to predict and calculate: Internal development of software sways a company off-course from their actual core business focus.  

Once you decide to develop… you are no longer just in [your primary] business; you are now in the software development business,” says Wes Trochlil, founder of Effective Database Management and author of this article. Trochill goes on to explain that when you enter the realm of software development, your internal resources also become responsible for scoping the project, testing and documenting the software, and the development and delivery of a training program.  

An analysis of 1,471 IT projects revealed that “the average cost overrun was 27% — but that figure masks a far more alarming ‘fat tail’ risk. Fully one in six of the projects in the sample was a Black Swan, with a cost overrun of 200%, on average, and a schedule overrun of almost 70%.” If your health plan is already facing common issues  slim margins, rising cost pressures, etc an out-of-control tech project can compound these factors.  

Investing in buying a solution means that your vendor assumes all software development responsibility, which frees up a health plan to focus on other important issues 

To Buy: Consider the Control 

In a highly regulated and sensitive environment like health plans operate in, it’s intuitive to prioritize control at any cost. But, how much control are you actually sacrificing by finding a strategic technology partner? 

For one, unless your internal IT and development resources have the bandwidth to dedicate to your custom software project, you likely will be contracting with outside development resources anyway. In that scenario, even owning the code won’t be an advantage when it comes to pursuing updates down the road. 

Secondly, it is in a technology company’s best interest to listen to and respond to their clients’ feedback. With the right vendor, your voice will be heard, acknowledged and considered with their development roadmap and enhancements process. 

Custom vs. Configurable

Ask yourself: is it really “custom” software that you need, or something “configurable”? By that, we simply mean that in many industries  healthcare included  multiple needs have been resolved by third-party software providers.  

In essence, are you “re-inventing the wheel” by embarking down the path of customized software, only to find at the end of the journey there was a flexible, credible, highly effective solution already on the market? Start by defining the business processes that make your organization truly unique: fields, workflows, permissions. Prioritize solutions that make these elements configurable.  

In the end, even if configurable elements don’t satisfy all your requirements and you need to commission truly custom development additions to a vendor’s technology, it’s easier to predict the cost investments when you purchase external software.  

“IT leadership understood how time consuming, resource intensive, and costly it would be to build something internally. Fortunately, we came across ClarisHealth and they had the solution. A similar self-built solution, to really get something that has the functionality of Pareo, would have astronomical costs associated with it.”

Erik Chase, Director of Payment Integrity, L.A. Care Health Plan. Download the case study

Bonus Expertise

Whether you outsource your custom software development (the most common scenario) or rely on internal IT resources, you most likely will be defining your process and functionality needs yourself. Consequently, you risk replicating those existing processes and workflows that bog down your effectiveness and efficiency into your new system. 

By contrast, those organizations that adopt an industry-specific technology solution benefit from a community of expert usersWe work with our clients every day to discover novel solutions to entrenched challenges, and they provide us with ample opportunity to hear directly from industry leaders what works and what doesn’t in terms of technology for payers.    

Additionally, our in-house experts have worked extensively with our payment integrity platform as Auditors, Data Miners and Overpayments Specialists — just like you. It’s a unique position that allows us to, as one client put it, “see the problem as if you’re working alongside us.”

Control and Innovation: You can have it all. 

In the case of ClarisHealthour top competitor is typically a health plan’s self-developed software solution. And many times, a plan is fairly happy with the performance of that homegrown software. However, that technology is often times lagging when it comes to updates and innovative upgrades.  

It isn’t uncommon for our team to implement a software system that replaces an in-house system that a health plan has outgrown. Our best advice? Think through your software needs, and only consider in-house development if cost is no consideration and you cannot find a pre-existing solution on the market. 

Talk to ClarisHealth about how Pareo® can transform your health plan’s payment integrity operations.

Data Privacy Concerns Meet Digital Progress

Data Privacy Concerns Meet Digital Progress

Data privacy and security will always be top of mind for health plans in an environment where access to data is crucial to growth. Here are some safeguards for payers.

How do payers balance their need for broader access to data with their need to improve trust with members and providers? Data privacy is a careful balance that leaves healthcare payers as the keyholders in an ecosystem that requires data be protected but also shared. Luckily, advancements in integrative technologies promise to make data more accessible to payers, providers and — most importantly — consumers. But just because a technology can offer API doesn’t mean they will, and health plans will have to proactively face perception problems when it comes to data privacy. 

In this article, we’ll look at API capabilities and how they promise to make data sharing easier and secure. We will also look at why health plans may get pushback on data sharing initiatives, both from technology vendors who are hesitant to “plug and play” as well as stakeholders that may have (well founded) trust issues when it comes to PHI. 

API and Your Digital Strategy 

Transformation in the healthcare industry is reliant on the ability to seamlessly share data between vested entities. The ability to quickly and easily utilize data has been a huge issue, however, in an environment that relies on legacy systems and manual processes. And as payment models move more to value-based care, patients are more responsible than ever for their PHI, and they expect payers as well as providers to readily provide them with information. This is where APIs hold the most promise, allowing technology to make discrete data exchanges in a secure manner. 

Regulatory agencies have welcomed the promise of API with open arms, and last year’s proposed Information Blocking and Interoperability Rules showed health plans just how serious the government was about making rapid change. Health plans want this, too; in fact, it’s hard to imagine any stakeholders along the healthcare continuum that wouldn’t appreciate the ability to access secure, specific data. 

 “Health plans require discrete data exchanges, “calls” that respond back with the minimum data needed for the task at hand. API integration makes streamlined data access possible, a more elegant solution than outdated, clunky HL7 2.0 interfaces. When a user requests data, API allows that data to be delivered in real-time (as opposed to batch FTP). With quick, secure access to information, health plans are able to break down silos and seamlessly interface between departments, suppliers and providers.”

Using API Integration To Create A “Central Hub” Of Data


API is a communication protocol that delivers information securely, either bi-directionally or one way, by only answering calls with the required information (and nothing else). Many healthcare technology vendors (and non-industry technology providers) will allow API for open integration to promote greater data sharing and opportunities for achieving greater user value. Consumers may be utilizing APIs without even knowing it, at work or on their personal electronic devices.  

Data Sharing Detractors

Unfortunately, personal health data is particularly valuable to hackers — and historically, healthcare organizations have not proved particularly trustworthy with it. In fact, according to a recent study conducted on behalf of AHIP, “a majority (62%) of patients and consumers said they would be willing to forego easy access to their health data if it meant greater privacy protections were in place to protect their health information.”

Health organizations are concerned, too, about how healthcare data may be used. In particular, when it comes to PHI that is collected on personal devices (like wearables), stakeholders have expressed fears that this PHI  may be utilized by third-parties without the consumer even knowing their information is being shared. These specific concerns were brought up in some of the criticism that circulated during the review period for the proposed Information Blocking Rule. 


“Too often, health privacy violators don’t know where all of their electronic protected health information (ePHI) is, how the data flows through the environment and the risks of each step.”



Concerns about data privacy and security may be holding payers and other healthcare stakeholders back from adopting modern digital strategies. Does HIPAA, even though designed to be flexible, go far enough in protecting sensitive healthcare data generated by new consumer devices and apps? Experts have called on Congress for stronger oversight of healthcare data issues that they believe fall outside of HIPAA protection, issues that stem from the fact that currently third-party apps are not required to comply with data blocking policies.

Moving Digital Strategies Forward

Data security and privacy remain a prevalent concern of payers when they consider adopting digital strategies. A recent survey indicates that 94% of health plan executives have concerns. On the other hand, current methods for accessing and exchanging PHI — mail, fax, storage on local devices/dongles — are inherently vulnerable and add to the administrative burden. Modern technology, in fact, may give you even more control because it allows you to be more granular with granting access to PHI, and that access leaves digital fingerprints.

Understand that your security posture doesn’t weaken when you make the necessary transition to digital-first; rather, its focus shifts. To successfully embark on your health plan’s digital transformation, we offer two recommendations:

  1. Greater data sharing is a big mindset change. Practice radical transparency in your communications to overcome this barrier, along with emphasizing the greater good achieved by freeing information from its silos. Members, for instance, are far more likely to be on board if they understand what data is being collected and why and the expected benefits (e.g., more relevant communications specific to their needs).
  2. Rely on your technology partners to share the data privacy and security burden. They should be the ones managing end-to-end encryption of data exchanged through APIs, as an example. Make sure you deeply question their security posture to put your mind at ease. 

You’re Secure with Pareo

Ensuring the security and confidentiality of our customers’ and their members’ data is the number one priority at ClarisHealth. The ClarisHealth security program encompasses and represents the security, privacy and compliance controls that are in place to protect our customers’ most sensitive data.

ClarisHealth maintains an active security program that involves physical, network, data access and application security controls. Policies and procedures have been developed and implemented to ensure appropriate controls are in place and actively monitored. ClarisHealth is HITRUST CSF and SOC 2 Type 2 Certified, certifications that demonstrate the organization’s payment integrity solution Pareo has met key regulatory and industry-defined requirements and is appropriately managing risk.

Talk to ClarisHealth about how Pareo® advanced payment integrity technology is helping health plans deliver on their most advanced digital strategies.