You are on page 1of 2

Journal Online

Healthcare FraudAuditing and Detection Guide

By Rebecca S. Busch reviewed by Vishnu Kanhere, Ph.d., CisA, CisM, AiCWA, CFE, FCA, an expert in software valuation, IS security and IS audit. A renowned faculty member at several management institutes, government academies and corporate training programs, Kanhere is a member of the Sectional Committee LITD 17 on Information Security and Biometrics of the Bureau of Indian Standards. He is currently newsletter editor and academic relations, standards and research coordinator of the ISACA Mumbai Chapter; member of the ISACA Publications Subcommittee; honorary secretary of the Computer Society of India, Mumbai Chapter; convener of a special interest group on security; chairman of WIRC of eISA; and convener of the security committee of the IT cell of Indian Merchants Chamber. He can be contacted at or

Healthcare FraudAuditing and Detection Guide deals with fraud in the health care industry and is a timely book focused on those involved in prevention, detection and investigation of health care fraud. Thus, it is useful for insurance, finance and audit firms and professionals specializing in this area. Apart from being a good how-to book for auditors, it is also a good reference book for professionals and managers in the health care industry/sector. The world of fraudand health care is no exceptionis marked by theft, waste and abuse often leading to illegal gratification and people taking things they are not entitled to or not do not belong to them. Fraud in the health care sector can happen at any point, from the services providers to the payers, employers, sponsors, users/patients and third-party vendors. In the authors own words, health care fraud (is more devastating/damaging) as it steals the very essence of human life. It can take human life, affect patients through needless procedures and fake drugs, and hit service providers through fake claims raising health delivery service costs. The actions, incidents and their impact are often shocking and demoralizing, to say the least, affecting both physically and emotionally patients who are likely in a compromised, trusting, defenseless state. Health care fraud is very disturbing and shakes ones trust in the system. It is for this reason that the problem has to be addressed in a systematic manner, as is suggested in the book. The book is well organized into 18 chapters beginning with an introduction and followed by identifying the market players in the health care industry. It also deals with health information, operational flow, accounts receivable, and product and service activity. The book elaborates on the data mapping, mining and analysis process, including profiling for an anomaly tracking system for better detection. Finally, the

market implications and conclusions put the subject in proper perspective. The book deals with audit, detection and investigation and is supported by charts, tables, diagrams, rules and audit to-do lists that are provided liberally throughout the book. Real-life experiences are shared through case studies; these not only explain and bring out the methodology but provide food for thought for the reader and enhance the process of learning. Coming from an author who started off as a nurse, evolved into the role of a medical auditor for a hospital, and then went on to set up her own consultancy, the book presents a ringside view of the health care sector with an insider perspective that makes it a good guide for understanding and dealing with health care fraud. The book complements ISACA/ITGI research books and has a shelf-life of three to five years. This is a good buy for those dealing with and interested in the health care sector in particular and detection and fraud in general. Some of the techniques used and methods suggested would prove useful for the system auditor and consultant in dealing with fraud. The book gives many sample fraud scenarios from different perspectives. Individual scenarios and cases and fraud investigation itself are also dealt with from the clinical, research, audit, intelligence and forensic angle. Editors NotE Healthcare FraudAuditing and Detection Guide is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit, e-mail or telephone +1.847.660.5650.


The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal. Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute and their committees, and from opinions endorsed by authors employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors content. 2009 ISACA. All rights reserved. Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA. 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25 per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.