Skip to main content

How certain key features protect the practice.

Generally speaking, the healthcare industry is made up of honest, hard working professionals. But like any other mass-scale program involving several complex, interconnected information management systems, huge sums of money, and human hands operating all the levers, the potential for fraud, waste, and abuse is very real.

The public perception of embezzlement is that it only occurs in organizations that are too large and too rich to be severely affected, but this simply isn’t true. In a study conducted by the Medical Group Management Association in 2009, roughly 83 percent of the 945 practices surveyed stated they had experienced some form of embezzlement. When taking into consideration that one in three business failures are the direct result of internal theft (US Chamber of Commerce, 2012), it becomes very clear that the need to safeguard against embezzlement is not paranoia—it is prudence.

Healthcare fraud comes in many faces, but some of the most insidious forms of embezzlement within the practice include the following:

  • Writing company checks for personal expenses
  • Inaccurately recording cash transactions or payments
  • Creating fictitious invoices and diverting the payments
  • Issuing fake refunds
  • Billing personal lab tests, medical supplies, or drugs under a patient’s name

Protecting the practice from embezzlement requires a proactive effort from staff and managers alike. A quality EHR can prevent fraud using a two-pronged approach:


A lot of EHR solutions with integrated practice management contain robust access controls. Utilizing such controls go a long way in the prevention of fraud in the practice. Managers can designate who has access to what in the system, ensuring sensitive tasks, such as billing and reporting, are being performed by the right people.

Maintaining accountability is equally important in the interest of fraud prevention, so many EHR solutions enable practices to create day sheets. Day sheets finalize the billing and account activity for a given period—similar to how a retail outlet closes out the tills at the end of the business day. This prevents the tampering of records, and provides a detailed report for practice owners with which they can reconcile bank records.


Even the most thorough prevention methods will still permit the occasional slip in practice integrity, and in such cases it is important to have redundant measures in place for added security. EHRs commonly offer audit logs for practices interested in reviewing past records. Data points such as date, time, user, and activities performed are recorded, which allow managers to easily root out any irregularities and identify who is responsible for them.

Behavioral healthcare practices have a very important mission to improve population health, for which there is already a lot to do without having to worry about internal embezzlement. With the right tools in place, however, practices can turn their attention back toward their primary objective: providing excellent care.