Mirjam Kirchner | Christoph Dombrowski |

Billing fraud harms private health insurance and its policyholders

Detecting insurance fraud and preventing it is an extremely complex undertaking for private health insurance companies (PHI).

This is the conclusion reached by the consulting firm PricewaterhouseCoopers (PwC), which surveyed 13 private health insurance companies with around 6.7 million fully insured patients about their strategies and measures for combating fraud as part of a study published at the beginning of the year titled "Billing fraud in the healthcare sector". Based on the results from PwC, there is initially a summary of the current approach used by private health insurance companies for fraud detection. The next step is to assess the efficiency of this form of fraud prevention on the basis of the success rate determined by PwC and the associated workload. Finally, suggestions for improving the current situation are derived from this.Current measures taken by private health insurance companies to combat fraud

The cornerstone of current fraud management at private health insurance companies is the processing of leads from external sources, such as law enforcement, associations or other third parties. Interestingly, service provider insiders such as hospitals and physicians in private practice play only a minor role as sources, according to the insurance companies. The private health insurance companies try to take known fraud patterns into account as early as the initial determination of an insured party's entitlement to benefits. This is to prevent unjustified payouts. However, clues often point to transactions that have already been settled. For this reason, many insurance companies use various analytical procedures after the fact in order to report cases of fraud and to be able to trace back incurred losses.

One consequence of this approach could be that the sources relevant from the private health insurance company's point of view mainly report known fraud patterns, while structural or organized fraud, which that is difficult to detect, remains undetected. Because people tend to assess more frequently perceived events as more likely (availability heuristic), this can sometimes lead to errors in judgement by the private health insurance company about the typical offender profile. Thus, all private health insurance companies specify the policyholder as the perpetrator of fraud. The various types of service providers, such as hospitals or pharmacies, on the other hand, are mentioned by only 0 to 62% of the private health insurance companies. This assumption is supported by the observation made by the Medical Service of the Health Insurance Funds (MDK) in recent years that every second audited hospital bill in the context of statutory health insurance is erroneous and in need of correction. Since the same organizations and groups of people are involved in the billing process, we assume that this situation can be transferred to the private health insurance market.

How successful are the measures taken by private health insurance companies to combat fraud?

It is now necessary to evaluate the measures taken by the private health insurance companies on the basis of their effectiveness and efficiency in combating fraud. For this purpose, the detected damage is compared with the damage caused by fraud. To estimate efficiency, the annual detectable damage level is determined by a full-time employee.


With the measures described above, the private health insurance companies surveyed succeeded in detecting a total of 32.5 million euros in losses. Their market share of fully insured persons is about 76%. At the same time, the Fachkreistag Krankenversicherung [Expert Conference for Health Insurance] estimated the damage caused by fraud and incorrect billing for the entire private health insurance market in 2018 at around 1.6 billion euros. Consequently, it is assumed that the companies surveyed incurred a total of around EUR 1.2 billion in losses during the period under consideration. This corresponds to an average loss of 92.3 million euros per company.

If the detected damage is put in relation to the estimated total damage, the result is a detection rate of less than 3%. This means that companies only detect around 2.5 million in fraud.


In order to assess the effectiveness of the measures, the average amount of losses detected per company, i.e. EUR 2.5 million, is first compared with the average number of full-time anti-fraud posts, i.e. 4.1. As a result, a fraud detection specialist detected an average of approximately €610,000 in fraud losses in 2018.

As explained at the outset, private health insurance companies rely heavily on the receipt of external leads to combat fraud. If one were to make the optimistic assumption that the number of relevant tips scales linearly with the number of specialists employed, a further 147 full-time positions would have to be created per company in order to uncover the total damage of 92.3 million euros.


The preceding analysis suggests that the focus of private health insurance companies on the policyholder as the perpetrator and known fraud patterns falls short. Secondly, it has been observed that a fraud detection process focused on manual activities and external whistleblowers does not scale well. There is only one option for private health insurance companies to counteract this situation: the quality and scope of fraud detection must be increased compared to the current state of affairs through the use of modern technologies and processes.

Data-driven models are at the heart of future fraud detection

Already today, private health insurance companies collect, store and manage the data of their customers as well as of the service providers involved. In this way, they also collect information about the fraudulent minority, which enriches itself at the expense of the other policyholders. The prerequisites for more effective and efficient fraud detection are therefore, in principle, already in place today.

The knowledge hidden in the collected data can and should be collected by means of quantitative analyses and data-driven models. The purpose of the analysis is to develop a better understanding of the existing data in order to identify processes that are suitable for automation using data-driven models. The latter are usually divided into two classes.

Classes of data-driven models

So-called supervised learning methods such as neural networks, decision trees or support vector machines are used to model the expertise of employees and law enforcement agencies on the basis of successfully uncovered, historical fraud cases. As a result, these models can be used to screen benefit claims for known criminal tactics.

But the previously unknown or neglected fraud must also be revealed. Unsupervised learning methods can be used for this purpose. Unlike the class of supervised learning methods, these do not require additional knowledge about whether a historical benefit case was fraudulent or not. Instead, these models assist in identifying anomalies and patterns in the given data. For example, anomaly detection algorithms can be used to flag benefit claims with conspicuous characteristics. Furthermore, so-called changepoint methods can be used to detect at which point in time the behavior of actors changes. These insights can then be used to target benefit claims and learn new fraud tactics.

Supplementing supervised with unsupervised learning methods is particularly useful because insurance fraudsters are people or organizations run by people. These are known to be adaptive and therefore able to respond to fraud detection measures by the private health insurance company with ingenuity.

Why are data-driven models not yet being applied across the board?

Currently, only 46% of private health insurance companies surveyed report using advanced data analytics to combat fraud. The reluctance to implement this can be justified by, among other things, the following points.

Data protection

Private health insurance companies may not directly use data collected for the purpose of benefit determination and risk assessment to develop data-driven models. The protection of the privacy of the persons concerned requires that the personal reference of the data is dissolved beforehand by anonymization.


In principle, the private health insurance companies may use automated procedures to support decision-making processes. However, policyholders are entitled to a manual review in the event that benefits are denied. In this case, it must be apparent to the insurance company why the automation process did not approve a claim, for example, due to fraud.


Data-driven models learn from information. Therefore, care must be taken in their development to ensure that no unintended effects are described in the data set used, such as discrimination against minorities. However, responsible development and the application of data-driven decision support models can contribute to greater equity and fairness.


Data structures change. For example, the insured individuals in a contract age. This so-called data drift is often unavoidable in practice and causes the quality of data-driven models to decrease over time.

Innovative processes and solutions pay off!

Since 2012, the average total fraud loss discovered by private health insurance companies has increased eight-fold. Technological innovations are also accessible to fraudsters. It is therefore to be expected that the trend identified by PwC will continue or even accelerate in the future.

However, inaction in this area not only leads to direct financial damage for insurance companies and their customers, who ultimately have to pay for the rising costs. Reputational damage and a loss of confidence among policyholders are further conceivable consequences. Insurance companies should counter this development by acting proactively.

The use of technological support is more important than ever. For example, the automation of (sub-)processes through the use of artificial intelligence in the context of benefit calculations can help to evaluate cases more accurately and make more accurate decisions, but also to detect errors or even billing fraud. Only in this way can companies continue to fulfill their due diligence towards the honest majority of their policyholders.

If you would like to learn more about the topic of digitalization in private health insurance companies, we recommend our free study "Private health insurance companies in the healthcare system of the future". Please note that this study is only available in German


Do you have any questions or comments? Then please leave us a comment.

All articles

Are you interested in products of adesso insurance solutions?

You will find here an overview of all software solutions for all insurance lines - for policy management, claims management, claims processing, product modelling or for general digitalisation.

Go to product page