The digital transformation of healthcare may have been accelerated by the COVID-19 pandemic, but all signs suggest it’s a permanent feature of modern healthcare delivery. From telemedicine to digital billings, personal information is being used online and healthcare data protection is becoming a key concern.

Digital transformation is giving consumers the tools and power to control more of their medical journey. The pandemic expedited that transformation in many aspects, from digital booking capabilities and telehealth to online claims and touchless payment systems. Today’s consumers are pushing for patient access to medical records, virtual medical appointments, transparency and mobile payments.

According to research undertaken by Deloitte, health organizations consider “digital capabilities a path to fundamentally transform their relationship with consumers.”

Deloitte reports that 92 percent of survey respondents put consumer satisfaction and engagement as the top outcomes that organizations wanted to achieve from digital engagement, with 88 percent making patient experience functions the top area for digital investment.

New legislation is supporting the drive for digital access in healthcare, and with that comes an increased need for regulatory compliance. For example, the No Surprises Act guarantees patients full disclosure of fees before treatment.

With advancement also comes concern. Increased access to digital files comes with more exposure to telehealth fraud risk and the need for healthcare data protection. Payers are turning to new tools to protect valuable data and prevent fraud, including institutional fraud, waste and abuse (FWA).

The digital transformation of healthcare moved to the front burner

McKinsey and Company reports telehealth usage increased 38 times from February 2020 to February 2021. Rapidly rising investment in virtual care and digital health totaled $21.3 billion in Q1-Q3 2021 compared to $6.0 billion at the end of 2017.

Eight in 10 healthcare executives say the pace of digital transformation for their organization is accelerating, and nine in 10 report they are “innovating with a sense of urgency and call to action this year,” according to Accenture.

Although there was a gradual move towards healthcare’s digital transformation, mass implementation took the perfect storm of a major health crisis combined with the willingness of consumers and providers, and regulatory changes that enabled greater access and reimbursement.

To provide immediate access to care during pandemic lockdowns, the Centers for Medicare & Medicaid Services (CMS) made regulatory changes, including delivery options and the reimbursement of expanded current procedural terminology (CPT) codes. Some of these exceptions have since been made permanent.

Virtual healthcare models continue to evolve, moving from virtual urgent care to a range of services that can improve patient experience, access, outcomes and affordability.

McKinsey did find some persistent barriers to adoption, however, including concerns about data insecurity and mixed trust in hybrid service delivery (in-person and virtual) by both payers and patients. Regardless, access remained the top priority.

The impact of healthcare legislation that’s driving digital transformation

Recognizing the desire of consumers and healthcare organizations to improve patient experience, the CMS and Health and Human Services (HHS) have made numerous regulatory changes.

As of January 2021, hospitals are required to publish their fees for service, a move to ensure patients know exactly what to expect in billings. Hospitals are required to charge payer-negotiated rates using an online tool with all services in a digitally readable file. For their part, insurers and payers must make rates and cost-sharing estimates available to plan enrollees by January 1, 2023 for common services, and for all services the following year.

The “No Surprises Act,” effective January 1, 2022, is another step towards transparency. The Act prohibits surprise billings that occur when plan members attend out-of-network hospitals or providers for emergency or non-emergency care. The surprise comes when the provider charges above the plan rate for services, leaving patients with bills that can be crippling. found that among large group health plan enrollees, one in five emergency room visits and one in six in-network hospital admissions” potentially led to surprise medical bills.

Cybersecurity consulting firm Trustwave notes, “The pandemic has brought a renewed focus on the importance and value of the data maintained by the healthcare industry, with a particular emphasis on personal health information.” Ignacio Arancibia, Security Advisor, Governance, Risk & Compliance at Trustwave, partially attributes this to consumers sharing their health and vaccine status online and in person, registering for vaccines and other interactions.

“It is likely that governments will react quickly [in 2022], introducing additional privacy and data protection regulations mandating additional sets of controls or even actively enforcing audits/compliance in certain industries,” Arancibia says.

These requirements add to the administrative load borne by healthcare payers. As they increase investments in digital transformation, payers are looking for advanced solutions for long-term sustainability. In fact, 92 percent of HC organizations say regulatory and compliance pressures are extremely or very important reasons to use artificial intelligence tools, recognizing that AI plays many roles in a healthcare organization.

The benefits of provider and patient access to digital medical records

Legislation is also pushing for the digitization of medical records. One appeal of electronic health records is the ease of access for both patients and providers. Practitioners can chart as they go, storing and accessing information from any location. Patients can access test results and receive files from their care providers, empowering them with the knowledge and ability to advocate for themselves.

Apps that provide patient access to medical records are both empowering and convenient. They connect users to their vaccination records and lab test results, track vital signs and exercise goals, and monitor vital signs. Some providers offer their booking and screening online, freeing staff for more important work.

Referrals are streamlined, too. Digital access eliminates repetitive and inconsistent knowledge transfer to other departments or outside specialists. Patients are relieved from retelling their symptoms and histories multiple times, perhaps forgetting or omitting important details.

Digital medical records also contribute to big data – the collection and analysis of large amounts of data – useful for research, epidemiology studies and other large-scale purposes. Anonymized data helps determine trends and best practices for care while researchers can tap into other networks for comparison or review.

Yet these advancements come with potential risks, the greatest being identity theft, telehealth fraud, and fraud, waste and abuse (FWA).

The risks of digital transformation — exploitation of patient data, the dark web and FWA

Annual healthcare expenditures in the U.S. totaled $4.1 trillion in 2020 – almost 20 percent of the GDP – with projections of $6.2 trillion in 2028. This massive system is vulnerable to fraud, data breaches and other illegal activities.

While the National Health Care Anti-Fraud Association (NHCAA) estimates healthcare fraud to be about $300 billion in the U.S. (last updated in 2018), some government and law enforcement agencies say FWA is about 10 percent of annual healthcare expenditures, working out to $400 billion based on current spending. The main hit directly to healthcare payers is fraud, waste and abuse (FWA), committed by patients, online fraudsters and unscrupulous healthcare providers.

Healthcare crime is an industry unto itself. Securing and identifying the identities of patients is a challenge for overburdened healthcare staff, especially amidst a pandemic and the rapidly growing data volume fueled by regulations. Without sufficient healthcare data protection, patients’ data may be stolen at the source, or upon uploading to payers’ servers. It also affects patient outcomes if their identities have been flagged for misuse or fraud.

There are dozens of schemes, ranging from uninsured family members using a relative’s health plan, or providers up charging for simple procedures, to massive crimes involving data bought on the dark web used to process claims for services or medical equipment that was never provided.

Selling data on the dark web can net criminals between $250 and $1,000 for each stolen record, and they sell each group of records multiple times. Compare this to $5.40 for a payment card and about 53 cents for a social security number. Healthcare data’s value is derived from its completeness, containing names, addresses, birthdays, social security and health plan numbers and, often, payment card details. These valuable assets can be exploited multiple times.

Patients may be impacted in a variety of ways:

  •     Being billed for treatments they never received
  •     Delayed care because false information has been entered into their records
  •     Lost benefits due to fraud
  •     Misdiagnosis or mistreatment due to incorrect information on file

AI: the most comprehensive compliance tool

Mastercard Healthcare Solutions® uses AI to identify and prevent healthcare fraud, waste and abuse and screens for regulatory compliance. Its immense capabilities include monitoring for large-scale or duplicate billings, unusual changes in service provision, addresses that don’t identify as professional clinical spaces, CPT codes that don’t match the usual expectations for procedures, and other anomalous behaviors. Self-learning AI’s key advantage is its ability to learn new information quickly, then adapt to evolving behavior, both good and bad. This applies in both prepay and post-pay environments.

With new regulations being phased in by the federal government, procedures, medical supplies and out-of-range billings or those lacking transparency are detected and flagged for investigation. The system easily accommodates all regulatory bodies, such as CMS, HHS and HIPAA.

The platform automatically monitors the entire transaction environment and involves compliance personnel only when significant patterns have been found. Using supervised and unsupervised learning to detect new types of suspicious behavior, the individualized models track the behavior of each entity in the data, tracing their patterns to discover and identify anomalous activities. Payers are alerted to fraud or non-compliance patterns for further investigation.

Mastercard offers a variety of tools to verify user identities, prevent fraud and assess cybersecurity. Learn about the entire suite of tools in our Ebook Bridging the Healthcare Technology Gap.

Digital transformation in healthcare requires proactive vigilance

Including cybersecurity at the outset of adopting a digital environment protects patients, providers and payers while ultimately saving money lost to fraud. When working within an existing environment, tools to analyze current vulnerabilities and risks provide the roadmap to close gaps and redefine prevention methods.

It’s a given that healthcare is joining the technology-enabled world of telehealth, touchless payments and stricter regulations. Ultimately, this new world will save money and create efficiencies in both service provision and operations. Like any new process, digital transformation of healthcare takes careful planning, proactive vigilance and effective tools.

Learn more about the impact of legislation that’s driving the digital transformation of healthcare in our webinar Consumer empowerment and cybersecurity in the age of digital transformation. Our experts outline the many regulatory changes, the pros and cons of digital access for healthcare systems and how to protect sensitive data.