Most health care organizations either intentionally or due to some inability don’t use outside information (not just referals) in their search for fraud. There are great numbers of valid reasons for this: HIPAA, security, usable/current data sources, inflexible information systems or processes, restrictive compliance & IT departments, and the list goes on and on.
That being said, in many cases it just comes down to a lack of perceived value from outside data, and consequently no pressure to incorporate it. After all, most organizations have all the primary data for their customers and organizations within their four walls. This may have been true (to some degree) in the past. However, with the current up-tick in fraudulent activity (in particular collusive fraud - such as organized crime), the use of external data becomes very important.
Many of the recent large fraud schemes committed against Medicare/Medicaid have involved using deceased provider NPI numbers, completely fictitious numbers, or deceased members – these are just some examples. What many organizations now are considering is obtaining and utilizing other data sources to fill in the gaps. One example is to subscribe to a service that provides updated business information, which could be used to determine if a DME (Durable Medical Equipment) supplier is providing the correct information (the true owner, actual address, etc.). This makes it possible to validate if a DME is working with other DME’s or providers inappropriately. Other organizations are doing things as simple as using one of the internet satellite views to view locations to validate facilities – is it a hospice, or an open field behind a garage?
Many regions have lists that are available of "bad" providers (in the US, both by state and federal), as well as invalid NPI numbers, and other inappropriate behaviors (deceased patients for eample). The trick is incorporating the new information in a seamless fashion, so as to not make more work for what is usually an already over-burdened investigator.
The question becomes, can an organization in health care, with ever-increasing fraud activity gain from the use of outside information?