My client, a successful dentist who had dedicated 35 years to building a thriving practice, was ready to retire. As is standard practice in any situation involving the transfer of ownership and assets, he needed a business appraiser to provide an analysis of the practice’s worth—not just tools, equipment, and property, but also the value of the patient base, to determine the fair market price.
The problem was that his office manager wouldn’t provide any of the necessary financial statements to the appraiser, such as balance sheets, profit and loss statements, payroll reports, and practice management reports. She was always too busy and made excuse after excuse as to why she didn’t have them ready.
Desperate, my client hired an outside bookkeeper to come onsite to assist the office manager and secure the necessary financials, which infuriated her. Why such fury? It was simple. Her anger stemmed from her knowledge that the jig was up. Sure enough, it didn’t take long to discover that she had stolen more than $200,000 over the previous five years. Her method? Manipulating the practice management software and QuickBooks to siphon money to herself. It was a revelation that broke the dentist’s heart and destroyed his trust.
How Does Practice Management Software Fraud Happen?
Dentists rely on their practice management software to keep their business on track. Most of today’s software features high-end capabilities beyond a simple database of patient records. Today’s systems include comprehensive patient communication, an online booking system, and real-time two-way texting. These advanced technologies streamline the patient experience and make it simple and easy to manage the practice. Unfortunately, they are also easy to manipulate, which is precisely what happened in this case.
The entire goal of a well-thought-out fraud scheme is to not raise any red flags. As such, manipulation of key data is critical to ensure that a cursory review would not reveal the true manipulation of the records. If someone has unbridled access to the practice management system, the clever fraudulent activity can look legitimate.
Here are three common ways a dental office’s practice management software can be hacked to cover up fraud, as well as tips to help prevent them from happening.
- Applying fictitious payments or credits to balance accounts: This is the most common type of fraud. Dentists are accustomed to billing insurance companies first and then billing their clients the balance. The scam occurs when that cycle is interrupted by an unscrupulous employee who “writes off” the patient balance as a credit or negotiated discount and then pockets the client’s payment.
- Tip: Understand the office’s discount structure and monitor weekly or monthly writeoffs as compared to total revenues. Segregate duties to ensure that the employees who can take patient payments do not also have the ability to apply credits or writeoffs to patient accounts.
- Adjusting the type of service: One of the more profitable aspects of a dental practice is providing advanced services to patients, such as crowns, root canals, and fillings. However, if they are adjusted from a specialty appointment to a routine visit, the extra money can be diverted from the books.
- Tip: This type of fraud is the opposite of billing for services that weren’t rendered. Be sure to routinely review appointments and cross-check them with the office’s billing records to catch any discrepancies.
- Deleting patient appointments: It’s hard to miss cash if there’s no evidence someone paid a visit. This is especially easy to do if patients don’t have insurance and typically pay upfront.
- Tip: Make sure to track patient appointments that are deleted after their start times and all transactions that are removed or changed thereafter. Most practice management software systems have audit trail reports that can easily identify questionable activity.
Practice management software is complicated. In fact, most dentists readily admit they rely heavily on trusted employees to manage these systems. Take the time to learn the security controls and functions of the office’s practice management software to understand how the system works, as well as how it can keep track of checks and balances.
Even if the office manager is a trusted friend, or even a family member, make a habit of regularly checking day sheets against deposits, monitoring credits and writeoffs, and verifying patient visits are accurately reported. That way, if any discrepancies are discovered, they can be flagged before spiraling out of control. Better yet, make sure to implement internal controls that segregate accounting duties.
As business owners, it’s essential to be present, involved, and aware of everything happening in the practice to avoid the financial and emotional cost of fraud.
Ms. Couch is CEO and founder of Acuity Forensics, a nationally recognized forensic accounting firm. She is also the author of The Thief in Your Company, a book that explores the financial and emotional impact of fraud on organizations of all sizes. She can be reached at email@example.com or (360) 573-5158.