Detecting Healthcare Fraud using Machine Learning

As the elderly populations rise, so does medical care costs that come with treating those that need to be served. Medicare provides insurance to those 65 and older to help with the financial burden of healthcare. Medicare costs about $588 billion and is expected to increase by 18% in the next decade. Healthcare fraud is estimated by NHCAA to be as much as 10% of the nation’s total healthcare spend, or $58.8 billion. Fraudulent claims include both patient abuse or neglect, as well as billing for services that were not received. By using publicly available claims data, machine learning can be used to help detect fraud in the Medicare system helping reduce the cost to taxpayers.

Machine learning is a subset of artificial intelligence that can find a fraudulent needle in the haystack by applying continuous learning algorithms. With each instance that the algorithm is right about a fraudulent transaction, that information goes back into the equation, making it smarter. The same happens when the algorithm is wrong.

Using unsupervised machine learning on publicly available datasets is a growing trend with great potential. The publicly available Medicare claims data has 37 million cases. In machine learning, an essential part of the process is labeling as it affects both the data quality and the performance of the model. Different researchers have created the labels for fraud and non-fraud by mapping the data with other publicly available resources like the National Provider Identifier and List of Excluded Individuals and Entities database. The 37 million cases can then be reduced to under 4 million that can be run through the machine learning algorithm to help identify fraudulent providers.

For example, unsupervised machine learning has been used successfully on Florida’s Medicare data to detect anomalies in Medicare payments using regression techniques and Bayesian modeling. Also, decision tree and logistic regression with random undersampling class distributions have provided some promising results. Initial results have indicated that having more non-fraud cases has helped the model learn better and produce more accurate results between fraud and non-fraud cases.

Using machine learning to detect fraud is game-changing. Machine learning allows humans to be notified early on in the fraud attempt, stopping losses earlier on in the process. Having a continuous look on publicly available data can go a long way in helping minimize fraudulent claims and accelerate the time to prosecute criminals. 

#BigData #MachineLearning #AI #Healthcare

Data Brokers Pay for Your Healthcare Information

A multi-billion dollar industry exists from the buying and selling of your healthcare data. Certain state exceptions under federal privacy rules allow hospital data to be sold to data brokers. Private companies are seeking to gain access to your medical records to advance their mission, but sometime also to make a quick buck.

The right of businesses to profit from health information without patient permission has been previously upheld by the United States Supreme Court. For example, in the 1990s, a data broker was selling data to some big pharmaceutical companies on what individual providers were prescribing to patients. These pharmaceutical companies then used that information to provide targeted marketing to prescribers for the purposes of increasing drug sales. However, once patients started to understand and voice their complaints, a couple of states passed legislation to limit the trade of prescriber specific information. But, the data broker objected so the case went to the Supreme Court and was won by the data broker on the grounds of free speech.

No alt text provided for this image

While the practice of buying and selling medical data is technically acceptable under the Health Insurance and Portability and Accountability Act (HIPPA) because the data is supposed to be anonymous, one of the challenges with the increasing number of these deals is patient privacy is at risk since it is easier now to piece together deidentified records using unstructured data sources like Facebook, Twitter and other social media platforms.  

However, it is also important to note that not all data brokers have misguided intent. There are many organizations in this space with honorable missions. For example, Sloan Kettering made a deal to sell pathology samples to Paige.AI to develop artificial intelligence to help in finding a cure to cancer. In the case of curing cancer, the patient’s medical data is being used to increase the quality of care. However, data brokers do not currently have any fiduciary responsibilities to patients. 

There are some considerations that health systems can put in place to help reinforce ethical best practices:

1.  Only enter into a data transfer deal if it benefits patients

2.  Have a separate agreement form from the consent form that patients complete for their normal healthcare

3.  Asking the patient for permission to sell their data should be done by the third party vendor to ensure that there is no misunderstanding or abuse of the patient/provider relationship

4.  Any default consent options should be that patients do not elect to have their data sold

5.  Consent language should be worded in an easy to understand fashion and potentially in video form for so that patients can clearly understand usage, risks, and their options

6.  Transparency should be provided to the patients and healthcare staff on how the records are being used, who owns the data, and in what way it will be used, especially if there is a financial gain for the health system

Last year GlaxoSmithKline, a large pharmaceutical company came under global scrutiny when they tried to invest $300 million in 23andMe, due to concerns around lack of transparency of what data was being shared combined with the lack of choice for patients to participate.

Given that researchers predict that healthcare data will grow faster than in manufacturing, financial services, or media experiencing a compound annual growth rate of 36 percent through 2025, these issues are likely to continue to surface for governing bodies as well as public policy influencers. 

What has been your experience with data brokers? How do you think this will play out in the future?

#AI #BigData #BioEthics #Healthcare

Data Breaches Cost Healthcare $408 per Record: How to Prevent the Pain

No alt text provided for this image

According to the federal government in June 2019, there were 3.5 million people’s data exposed in healthcare data breaches that were reported. The majority of that data breach was from Dominion National that claims the incident may have started as early as April 2010. The data accessed included access enrollment, demographic data, and associated dental and vision information. Similarly, LabCorp and Quest Diagnostics reported in June 2019 that there was a data breach from an unauthorized user that accessed their vendor payment system that affected nearly 8 million and 12 million patients, respectively. These alarming numbers do not even include encrypted data that is lost by organizations since HIPAA does not consider the loss of encrypted data a breach. The United States healthcare system as a whole lost $6.2 billion in 2016 from data breaches with the average data breach costing a company $2.2 million. Research from IBM Security found that in 2018, the cost to healthcare organizations was $408 per record, up from $380 per record in 2017.

According to a HIMSS 2019 Cybersecurity Survey, 59 percent of all data breaches in the past 12 months started with phishing, or when an attacker masquerades as another reputable person in an email or other communications. Cybercriminals also often change their approach and are now increasingly using techniques powered by artificial intelligence. In response, healthcare organizations are actively deploying artificial intelligence solutions to combat suspicious activities, as well as increasing employee education and cloud-based security. 

No alt text provided for this image

There are some basic techniques that healthcare organizations should be deploying in addition to conducting risk assessments and providing employee education. For example, healthcare organizations should:

  • Take time to understand cloud service-level agreements, retain ownership of data that can be accessed in the event of a crash, and ensure service-level agreements comply with state privacy laws
  • Establish subnet wireless networks for guests and other public types of activity
  • Use multi-factor authentication on employee devices
  • Use business association agreements to help distribute risk and clarify vendor reporting requirements
  • Have a “bring your own device policy” based on current best practices like having a complex password requirements and policies that can be enforced
  • Plan for the unexpected in thinking about how long the healthcare organization can function in different areas without data, while also having an emergency solution for back-up information and data restoration

These tips can be incorporated into the organization’s cybersecurity framework. There are benefits to thinking through some of these strategies before they are mandated to have an effective cyber-defense program that protects both patients and the organization.

#Cybersecurity #AI #BigData #Healthcare

The Future of Open Infrastructure: OpenStack Cloud Computing Platform

No alt text provided for this image

OpenStack is an open-source cloud operating system that is relatively simple to install and provides massive scalability in helping organizations move towards enterprise-wide interdepartmental operations. Providing a stable foundation for both public and private clouds, OpenStack offers plug and play components with “at a glance” visualizations of how different parts work together. Their dashboard feature gives control to administrators while allowing users to provide resources through a web interface. OpenStack’s platform enables the deployment of container resources on a single network. It is one of the fastest growing solutions for building and managing cloud computing platforms with over 500 customers like Target, T-Mobile, Workday, American Express, GAP, Nike, and American Airlines.  

While there can be additional costs for specific versions, it is free to sign up for a public cloud trial: https://www.openstack.org/passport/

After installing OpenStack, DevStack can be used to understand better dashboard functionality as well as providing insight to contributors wanting to test against a complete local environment: https://docs.openstack.org/devstack/latest/

Free training on OpenStack is also available helping people master and adopt OpenStack technology: https://www.openstack.org/marketplace/training/

While the self-service is possible, should you choose to use a vendor for OpenStack management, a few key questions to ask potential vendors include:

  • Can you be specific on how you can help my company support an OpenStack deployment?
  • Can you share what kind of workloads has your OpenStack distribution supported in the past?
  • What kind of flexibility is incorporated in your OpenStack solution?
  • What kind of cost reductions should be anticipated from deploying an OpenStack infrastructure?

Do you have experience with OpenStack? If so, please share your experience with me via DM or in the comments.

#OpenStack #CloudInfrastructure #BigData

Who Runs the World? Amazon Web Services

If you think that most of Amazon’s operating income comes from those packages they deliver so fast on your doorstep after a click of a button, you’d be wrong. Amazon earns billions from its cloud platform, Amazon Web Services (AWS) that has benefited from a more interconnected world where transactions are exponentially increasing in volume. 

No alt text provided for this image

With a growing need to better store, verify and secure transactions, AWS allows businesses to run web and application servers in the cloud, securely store files on the cloud, use management databases like MySQL, Oracle and SQL Server to store information and deliver files quickly using a content delivery network. In short, AWS is core to Amazon’s business model and helps with database storage, content delivery, and computation power. It has been around for 13 years and offers 165 fully featured services across 21 geographic regions and is used by over 1 million customers like Netflix, Airbnb, Johnson & Johnson, Lyft, CapitalOne, and General Electric. 

For developers that may not have prior experience with things like machine learning, artificial intelligence, the Internet of Things and augmented reality, AWS provides an easy solution. For example, it has features like Amazon Personalize that allow developers to add custom machine learning models including product recommendations, search results, and direct marketing. The Amazon Personalize API uses algorithms that are used in Amazon’s own retail business. 

No alt text provided for this image

Some of the benefits of AWS include low-cost services, ease of use, versatile storage and reliability. However, there are a few security limitations, technical support fees, and the product faces general issues associated with cloud computing such as limited control, downtime, and backup protection. However, many of the disadvantages of AWS can be easily overcome or mitigated, making Amazon Web Services a leader in cloud platforms.  

For those wanted to test out Amazon Web Services, it can be downloaded for free: https://aws.amazon.com/getting-started/ 

Also, Amazon also offers several free trainings:

AWS Cloud Practitioner Essentials https://www.aws.training/learningobject/curriculum?id=16357

AWS Machine Learning Services https://www.aws.training/learningobject/video?id=16207

AWS Analytics Services Overview https://www.aws.training/learningobject/video?id=16202

Have you used Amazon Web Services?  What has been your experience?

#AWS #CloudPlatform #MachineLearning #ArtificialIntelligence