Could biometric scanning reduce Medicare fraud?

Could biometric scanning reduce Medicare fraud?

Ron Lynch is the Managing Partner and founder of NorthStar Business Consulting. Founded in 1990, it focuses on business consulting within the health care industry. Ron and I met on a plane from Charlotte, NC to Dallas, TX over the summer. One of our many conversations focused on his support for biometrics (particularly iris scanning) retinal scanning to prevent Medicare and Medicaid fraud. Below is a follow-up discussion and interview we did on that subject.

Note: At the time the interview was conducted, in August 2012, Ron informed me via e-mail that he did not have any financial interests in any biometric company, and that NorthStar was not engaged with any of these companies as Clients.


Dustin Siggins: So I know we discussed this on the plane, but what does your organization do?

Ron Lynch: The goal of NorthStar Business Consulting was to bring executives with general management experience through various health, biotech, and pharmaceutical organizations into a process that we use called the One-Page Strategy Process. This evolved into the four areas of focus we tackle within our business today.

The four areas we focus on are: strategy development and management, product commercialization, business continuity / including succession planning from a Human Resources standpoint, and sales force performance enhancement.

We have a global company, including one executive in China, one in South Korea, and one in Brussels. This helps us to get a global perspective on the health care industry, and be on the leading edge of what is shaping the industry.

All of our key and senior consultants have been in a senior management with other companies. Specifically, they have been in biotech, pharmaceuticals, and other health care areas. All of our executives each have at least 25 years in the healthcare field.


DS: On the airplane from Charlotte to Dallas you mentioned how powerful you think biometrics (particularly iris retinal scans) would be for fraud prevention on the airplane from Charlotte to Dallas. Can you get into some detail as to how this would work? It seemed like a great idea.

RL: It is a great idea, and the technology has moved forward to the point it’s applicable to all health care companies in the country. Fraud and abuse represent a huge cost percentage of medical billing, including Medicare and Medicaid. Medicaid is going to be over $400 billion in spending this year, and Medicare is going to be over $550 billion in 2012. Fraud and abuse were estimated to be between 3% and 15% in 2010. Current estimates say that’s probably closer to 8% to 12% this year, which totals a minimum of $76 to $114 billion (this is based upon Managed Care Organizations (MCO) data, from a variety of sources), and in 2010 improper payments in these programs totaled $70 billion, according to the Government Accountability Office.

Quick side note: When it comes to the fraud estimates I mentioned above, Managed Care Entities (MCE) primarily comprised of MCOs and Prepaid In-patient Health Plans (PIHP) are the best sources in almost every state for Medicare and Medicaid cost tracking. When HHS puts out the bids, these groups primarily secure the contracts, then connect and coordinate their information.

The Biometrics Market is very diverse, ranging from Ultrasound Fingerprinting and Facial / Voice Recognition to Retinal and Iris Scanning. Biometrics can be complicated, but Hand Geometry, Facial Recognition and retinal scans are already being used by the military and law enforcement. However, the latter requires cooperation by potential patients due to the fact it can only be used within a few centimeters of the detection device. Individual iris scanning technology started in the 1990s, which is a little different because not only is it more accurate, it can recognize people from several centimeters to several meters away. The interesting thing about this technology is that it can be used for people who are incoherent, unconscious, the elderly, children, neonates and others. With that broad perspective of utilization, it provides a larger base of patient identification.

How this works in the real world is basically that people would have a “base scan.” They would stand in front of a camera for 20 to 60 seconds for a complete reading. After that is done, the data is digitized and used for subsequent re-identification, which can take as little as 3 to 5 seconds.


DS: What percent of fraud and improper payment could be eliminated? Any estimates?

RL: I really don’t have any data on that, and I don’t know if anyone can really do that. The problem with the current system is that most of the problems are focused on the back end of the system – computer errors, etc. What you and I spoke about was scanning from the holistic view – operational efficiency to help reduce overall cost.


DS: Speaking of cost, how much would this kind of program cost doctors, and would the federal government have to cover it for Medicare and Medicaid doctors?

RL: In the 1990s, it was $5000 or so per location. The cameras were expensive, and the technology had not been made cost-effective. Now they cost hundreds of dollars per location, which makes the technology much more applicable, from that standpoint.

I’m an old guy, so I’m taking you back a bit, but in the mid-1990s there was a push for tele-medicine. Initially tele-medicine companies never had standards, so there were problems in communicating results to multiple healthcare systems, but standards were created to make it work. What has really moved these biometric technologies forward is that Biometric standards have recently been created – the Common Biometric Exchange File Format (CBEFF). The CBEFF is a standard that provides the ability to ID and interface through multiple biometric systems a number of systems – iris, retinal, hand, fingerprint, heart, and others. Most importantly, these various systems can now exchange data between multiple system components.


DS: A lot of errors in Medicare and Medicaid take place, as you noted, on the back end – mailing and billing errors, for example. Would this impact that at all?

RL: Absolutely. They have a master patient index (MPI) – in the private sector the MPI links all of the smaller outpatient clinics, etc. within a given healthcare organization. The Enterprise Master Patient Index (EMPI) links through the healthcare continuum such as outpatient clinics, medical providers and medical centers. This becomes the central database, and helps with concerns about HIPAA, to keep the information centralized and private.

As we discussed on the plane, let’s say you have a Medicare card with a magnetic strip – the specific algorithms would be encrypted so it is not able to be duplicated by electronic pickpockets or other thieves. Their system can’t define what that encryption means, since the person who had the card wouldn’t match the records at a medical location. Whether through fingerprints, iris scanning or whatever, the person with the card would be exposed to any one of those interrogation processes and would be rejected.

What does this do? It provides absolute Positive Patient ID, which is important from a quality of care perspective. Fewer errors occur, and it ties patient ID to drug delivery and patient care plans, and it works through the shared continuum, meaning it works at the pharmacy, hospital, acute care, etc. Currently – let’s say a patient was given a prescription for an intense medication – this patient could then go to a different doctor from who gave the original prescription medication, obtain a second prescription, and sell it on the street. The coordination provided by Positive Patient ID would help prevent this.

On the other side, from the operational effectiveness standpoint, it complements HIPAA requirements. It protects patient records. The technologies can also be used for the staff, meaning staff would have to be recognized before doing anything with medical records, payments, reimbursements, etc. In short, there is ID for the patient and staff, meaning enhanced security coverage all around.

From a public policy standpoint, it allows this information to immediately be available across facilities. Currently a patient can go in and have one prescription given for a certain condition, and then they go to a specialist for a different condition, and get a different prescription. This patient would then be able to go to different pharmacies and get different medications without anyone understanding that the patient is not coordinating care, which puts the patient at risk for allergies or potentially life threatening inter-medication reactions.


DS: Is there anyone in Congress putting this kind of stuff forward in legislation?

RL: Unfortunately, I am not close enough with the folks at that level of public policy decision-making.


In an follow-up e-mail after this interview, I expressed some concerns to Ron about privacy and security concerns – for both private and public entities. The whole idea, while it seems efficient and worthwhile to look at for its savings in the federal budget (as well as increased quality of care for Medicare and Medicaid patients), reminds me a bit too much of the new retinal scanning security system at some airports, and my libertarian streak is cautious regarding the potential for private or public abuse with such information. On the other hand, we do have credit cards, bank accounts, cell phones, Facebook accounts, etc. so it’s not like we are exactly entering an entirely new era of disclosure through technology if we implement Ron’s suggestions.

He responded in an e-mail: “The important point for the card approach is that even if it is hacked in some way, the information is unreadable / unusable due to the nature of the digitization as well as its several layers of encryption. That is not to say that the Enterprise Master Patient Index or MPI could not be hacked in the traditional sense, of course.”


Dustin Siggins is the online content coordinator and blogger for Tea Party Patriots, and formerly a frequent contributor to He currently contributes to American Spectator’s blog,, and He is also the co-author of a forthcoming book on the national debt with William Beach of The Heritage Foundation. The opinions expressed are his own.



For your convenience, you may leave commments below using Disqus. If Disqus is not appearing for you, please disable AdBlock to leave a comment.