join the biometrics in healthcare LinkedIn group

Join the Biometrics in Healthcare LinkedIn Group

join the biometrics in healthcare LinkedIn group

The relevance of biometric technology to improve patient identification and SSO in healthcare is a main focus of the new “Biometrics in Healthcare” LinkedIn Group. (Photo courtesy of Flickr: http://bit.ly/2ibtbAD)

LinkedIn has emerged as one of the most important social platforms to collaborate, educate, network, and publish content. Professionals from around the globe use LinkedIn as a way to establish and cultivate relationships, leveraging it’s communication capabilities to establish relevance and demonstrate expertise on just about any topic you can imagine.

LinkedIn “Groups” are an integral tool to categorize discussions that center on a particular topic or subject matter and a chance to learn and converse from some of the most trusted global experts in their respective fields. In that spirit, we have created a brand new LinkedIn Group centered on the use of biometrics in healthcare. Biometrics in Healthcare was created to help advance discussions on the use of this technology for patient identification and single sign-on (SSO) in the industry but more importantly, it was established to help others understand and appreciate the benefits of using biometrics including:

  • Testimonials
  • Case studies
  • Examples of return on investment (ROI)
  • Technology updates
  • Clearing up misunderstandings on what biometrics can and can’t accomplish

We invite you to join the Biometrics in Healthcare LinkedIn Group and participate in the discussion. It’s your chance to ask questions, read more about how the use of biometrics is helping increase patient safety and improve data integrity across the industry and interact with professionals who understand the benefits and limitations of this technology.

Expect the significance and impact of biometrics in healthcare to grow in the coming years as more hospitals and healthcare organizations understand it’s value and flexibility. The new Biometrics in Healthcare LinkedIn Group will prove to be an important tool for healthcare professionals to use in their quest to research the technology and determine if their facility can benefit from its use.

We hope that you will consider joining the Biometrics in Healthcare LinkedIn Group and participate in the discussions!

free webinar on achieving accurate patient identification in healthcare

Free Webinar: The State of Patient Identification in Healthcare

free webinar on achieving accurate patient identification in healthcare

The increased complexities of achieving accurate patient identification in healthcare raise questions about the most suitable strategies to implement. Join us on September the 10th from 1 – 2pm EDT for a free webinar on patient identification in healthcare.

Accurate patient identification and data matching in healthcare to ensure patient safety along the care continuum is a complex challenge for most healthcare organizations. Common names, lack of proper ID, identity swapping, and the explosion of new patient touchpoints (mHealth apps, patient portals for example) to access personal health information (PHI) has created problems for organizations that still rely on antiquated methods of identifying patients and places them at a high risk of committing medical errors that could jeopardize patient safety.  

Achieving accurate patient identification in healthcare is a key strategic goal of healthcare organizations across the industry as they continue to explore new technologies that have the ability to meet modern demands of the new digital health paradigm in the wake of the shift to a patient-centered wellness approach and a push to better understand the individual patient. Unified views of patient data across any care setting is a growing necessity despite the variability in data capture methods, systems, and a lack of patient identification industry standards.

In the absence of a unified view of patient data, healthcare organizations will continue to make medical errors with incomplete or inaccurate information. Access to accurate, complete PHI is one of, if not the most vital component to deliver quality, cost-effective care and the only way to accomplish this is to establish accurate patient ID at the point of registration/access so the patient’s entire medical history supports immediate care or a wellness event. Complete and accurate medical histories must be linked to any point along the care continuum to truly achieve patient-centered care.

Join us on September the 10th for a free webinar on the state of patient identification in healthcare and a comprehensive overview of strategies and technologies healthcare organizations can use  to improve and sustain accurate patient ID. Plus, we will address the growing use of biometrics for patient ID, explain how it’s being used, and what return on investment (ROI) hospitals have realized since implementing it at their facilities. 

Topics covered during the free one-hour webinar include:

• The current state of patient identification in healthcare
• Patient identification challenges
• Using biometrics for patient ID across the care continuum

Join us on September the 10th from 1pm – 2pm EDT as we explore the topic of patient identification in healthcare and offer an overview of how biometrics is a viable solution to increase patient ID accuracy and patient safety along the care continuum.

Tell a friend or colleague! This is your chance to learn from experts in patient identification, ask questions, and engage in the discussion. Have a question you would like to ask during the webinar? Please visit the webinar landing page to sign up and leave your question or write it in the comments below.

Looking forward to seeing you on September the 10th!

 

the use of biometrics to secure PHI access

Improving Patient Engagement with Secure PHI Access

the use of biometrics to secure PHI access

The explosion of mHealth apps and patient portals for PHI access demands more modern patient and clinician identification technologies than user names and passwords.

The following guest post was submitted by Michael Trader, President and Co-Founder of RightPatient®

The rise of digital health tools for PHI access

Encouraging patients to take a more active and engaged role in their healthcare has been a key focus of healthcare providers in the wake of Meaningful Use requirements. What began as an industry mission with specific benchmarks and goals has since manifested into the actual use of myriad digital tools and platforms that are educating, engaging, and working to empower patients to increase accountability and responsibility for their own health and, when applicable, the health of their families. In fact, a recent HIMSS survey on how mobile apps and portals improve patient engagement indicated that on the provider side:

  • 73% of organizations used app-enabled patient portals to increase consumer participation in their overall health and wellness goals as well as meet relevant Stage 2 and Stage 3 Meaningful Use requirements under the Medicare and Medicaid EHR Incentive Programs.
  • Nearly half of those polled stated that “implementation of mobile services for access to information is a high priority at their organization.” Additionally, more than half – 57 percent – indicated that their facility implements a mobile technology policy, which often has a focus on mobile health security capabilities.
  • About one-third of polled healthcare organizations stated that they provide “organizational-specific apps” to the patient community.

(source: http://mhealthintelligence.com/news/how-mobile-health-apps-portals-improve-patient-engagement) 

One important facet in the goal to improve patient engagement is providing easier and faster access to personal health information (PHI). Manifested through Meaningful Use Stage 2, the benchmark is stated as:

Provide patients the ability to view online, download and transmit their health information within four business days of the information being available to the EP. (source: http://www.healthit.gov/providers-professionals/achieve-meaningful-use/core-measures-2/patient-ability-electronically-view-download-transmit-vdt-health-information

The idea is for healthcare providers to reach beyond traditional means of accessing PHI (think in person visits) and adopt digital health tools for easier, faster, and more convenient ways of accessing this data (think patient portals and provider mHealth apps). In concept, increasing the availability of tools and platforms to access PHI is a good thing — it caters to increasing patient demand to offer greater PHI accessibility through resources that offer more convenience and are in lockstep with the rise of the digital health movement. However, the explosion of digital tools for PHI access carries an inherent risk that patient identities will be compromised, stolen, or shared leading to a sharp increase in fraud and medical ID theft that poses a direct threat to not only patient safety and provider medical error liability, but also to the rising cost of healthcare. Not to mention the fact that the rising use of digital tools to access PHI compromises patient data integrity which is critical to maintain because of the ripple effect it has on the ability to provide accurate care along the continuum and the confidence it represents to successfully participate in health information exchanges (HIEs).  

Keep in mind that each time a perpetrator commits healthcare fraud or medical ID theft, the fallout of legal fees, settlement costs, and expenses to restore an identity are passed down to ALL patients in the form of higher fees for medical services. Therefore, collectively there is a pressing need to ensure that adoption of stricter and more secure methods of patient identification must run parallel to the rise in digital tools and platforms for safe access to PHI. Otherwise, patients may not be as willing to use these tools for fear of medical ID theft or unlawful access to their PHI data which directly compromises their safety, security, and privacy. 

Monetary damages are only the tip of the iceberg for healthcare organizations when discussing the impact of fraud and medical ID theft. It was been well documented that reputation can be negatively effected when patients perceive or a data breach confirms that healthcare providers are not taking the necessary action to increase PHI access security.

How can we correlate an increase in quality patient engagement with secure PHI access? Patient engagement is, without a doubt, a key linchpin to the success of healthcare’s triple aim. Simply stated, it is not possible for the healthcare industry to achieve the goals of lower costs, an enhanced patient experience, and improving population health in the absence of strong and sustainable patient engagement.

Securing PHI access for higher levels of patient engagement

Scour the internet for articles that cover patient willingness to use digital health IT tools to access PHI and you will discover that despite the industry wide effort to adopt tools that provide more convenient and faster access to medical data, few patients are actually doing so. In fact, a recent survey revealed that just 21% of respondents said they use the Web to access their health data. Meanwhile, 10% said they use e-mail and 40% view the data in person

The reason behind patient unwillingness to use mHealth tools and portals for PHI access runs the gamut from dissatisfaction with mobile health applications to challenges in finding and using instructions, data inaccuracy, and device malfunctions or data syncing issues. Furthermore, issues related to poor mHealth app and portal security have hampered more widespread adoption of these tools and stoked patient fears that their privacy could be compromised by using them.

Setting aside those with opinions that privacy can never exist in the healthcare industry, the link between patient confidence and trust that their identities and PHI are protected when using mHealth apps or patient portals is palatable and has a direct effect on their willingness to use these tools as part of their overall care.

First, it’s important to distinguish the difference between “privacy” and “security” as it applies to healthcare data. HIMSS does an excellent job of breaking down the differences:

“Privacy” is the right of an individual to make choices with respect to the collection, use and disclosure of their data; “security” is the safeguards – physical, administrative and technological – used to protect the confidentiality, integrity and availability of the data. Because the challenges are many, there is a tendency to focus on “security” in mHealth. Patient privacy cannot be achieved without adequate data safeguards; however secure devices do not necessarily preserve patient privacy. (source: http://www.himss.org/ResourceLibrary/GenResourceDetail.aspx?ItemNumber=30406

One of the largest impediments to widespread adoption of mHealth tools, portals, and other digital health platforms is inadequate mobile security policies that fail to take into account the necessity of adopting more modern patient identification tools that are commensurate to the data they protect.  For example, most healthcare providers continue to use user name and passwords to protect patient identities when using mHealth tools and portals. While these may have once been permissible security protocols in the past, these identity verification methods are now considered antiquated and should be replaced. Even though user names and passwords have proven to no longer be secure enough to protect patient identities, almost all healthcare providers still rely on their use for mHealth apps and patient portals. 

Secure PHI access requires modern patient and clinician ID technology

If healthcare providers expect patients to adopt mHealth tools and patient portals as a more convenient way to access PHI, the implementation of stronger and more secure identification technology is critical. Most healthcare security experts agree that due to the large amount of PHI data moving across provider locations via mHealth apps and patient portals, stronger security is needed to prevent data breaches if a patient’s identity is compromised. Plus, the increasing complexity of mHealth apps and their distinct ability to sync PHI data across multiple devices raises important questions about how to properly protect patient privacy  to ensure HIPAA compliance for these new tools. 

Securing PHI access is not limited to patient interactions with mHealth tools or patient portals however. A sound strategy to secure mobile and remote access to this sensitive data is required not only for patients, but also for any clinician that has access to mobile technologies. A 2014 HIMSS Analytics Mobile device study reported that:

…approximately one-quarter of US hospitals (28 percent) reported that smartphones are in use at their organization. On average, 169 devices are deployed per hospital. In comparison, 24 percent of US hospitals reported that tablet computers are in use at their organization, with an average of 37 devices deployed per hospital. (source – https://capsite.himssanalytics.org/assets/Uploads/2014-Mobile-Essentials-Brief-TOC12914.pdf)

Healthcare organizations must plan to implement a technology that has the flexibility to be used for secure patient and clinician identification, usually through a strategic combination of a strong single sign-on (SSO) platform to establish strict identification checks and provide a concrete audit trail of data access history with an enterprise-wide patient ID solution to secure remote access to PHI from mHealth apps and patient portals. The modern identification technology of choice for many healthcare providers to meet the rising demand for tighter security to access PHI is biometrics.

Lack of a strong PHI access policy can also have a negative impact on provider reputation. In a recent report on medical identity theft by The Ponemon Institute, 79% of patients surveyed said it is “very important” for healthcare providers to ensure the privacy of health records and allow them to have direct control of their health records.  

Why biometrics?

The HIPAA Privacy Rule requires healthcare organizations to secure remote access to PHI data as a safeguard for patient privacy and to eliminate data breaches that can lead to fraud and medical identity theft. Once considered secure identification criteria, user names and passwords are now considered antiquated and unable to offer strong protection to secure PHI access largely due to the fact that:

  • Most patients don’t want to worry about memorizing a complex password and thus default to using a simplistic password that’s easily guessable.
  • Most patients use the same password for many accounts, resulting in one key that unlocks dozens (or hundreds) of doors.
  • Most patients don’t even keep their passwords in secret. Everything from Netflix accounts to bank accounts to web accounts to video game accounts are often shared between friends, family members, and even strangers.

The use of biometrics for individual identification poses a much more secure and flexible technology to address the pressing need for healthcare to adopt stricter PHI access security protocols. Why?

We have written extensively about the applicability of biometric patient identification to improve patient safety in healthcare. Biometrics relies on identifying patients and clinicians by who they are, rather than what they have (ID badges) or what they know (user names, passwords) which can be more easily stolen or shared. Biometric identification technology is a more secure method to identify patients in self-driven interactions by allowing them to use the camera or microphone on their smartphone or tablet and use facial or voice recognition biometrics for accurate authentication. Biometrics offers more flexibility and convenience because it has the ability to be implemented at patient touchpoints where user name and password entry would be cumbersome and inappropriate — home health settings for example.   

The use of biometrics for identification also offers a concrete PHI access audit trail, a more accurate tracking mechanism than user names or passwords which can easily be shared and often skew analytics because it’s impossible to determine the actual individual using the credentials. This is important because litigation often relies on these audit trails used in the defense of medical identity theft or healthcare fraud claims.

Conclusion

Participation in portals and the use of mHealth and other mobile apps to access PHI is a key catayst to increase patient engagement in healthcare. Patients must have the confidence in their healthcare provider that their PHI is easily accessible and protected with the strongest authentication security on the market that ensures their privacy and safety. User names and passwords are no longer sufficient authentication credentials to meet the expanding need to offer a more flexible, scalable, and more secure identification technology for mHealth apps and patient portals.

Equally important is protecting clinician access to sensitive PHI data. Protocols must be implemented that abandon user names and passwords in favor of technologies such as biometrics that are more secure, less susecptible to being stolen or shared, and leave a concrete PHI data access audit trail. 

Have questions about the use of biometrics for patient identification in healthcare? Feel free to leave a comment or question below. 

 

 

 

iris biometrics are hygienic for patient identification in healthcare

Iris Recognition Offers Non-Contact, Hygienic Individual Identification

iris biometrics are hygienic for patient identification in healthcare

If schools adopt iris biometrics for student ID based on it’s non-contact, hygienic form factor, shouldn’t the healthcare industry offer the same protection to patients?

The following guest post was written by Brian Bilia, Enterprise Sales Consultant with RightPatient®

More Schools Using Non-Contact Biometrics for Individual Identification

In case you missed it, this week Virginia Commonwealth University announced the implementation of iris recognition in their on-campus dining halls for student identification. In addition to presenting a safer and more secure way to identify students the deployment according to the article, the initiative is designed to be:

“…helpful for students who forget or lose their IDs over the weekend, as there is not a way to get a replacement card over the weekend.” (USA Today, “New iris cameras at Va. school scan students’ eyes for entry into dining hall” http://usat.ly/1L4cbWb)

The article goes on to report that one of the main reasons Virginia Commonwealth and another schools chose to deploy iris recognition was because of its non-contact, hygienic feature:

“VCU is following in the steps of other schools — including George Mason University — which introduced the eye scanning system last year. Both schools opted for the this non-contact form of biometric technology — as opposed to a fingerprint scanner — because it is less invasive and won’t spread germs.” (USA Today, “New iris cameras at Va. school scan students’ eyes for entry into dining hall” http://usat.ly/1L4cbWb)

Essentially, hygiene played a critical role in determining which biometric modality the school would use for student identification. Due to the fact that iris recognition does not require physical contact with a biometric device, it presents one of the most hygienic hardware options available, keeping end users safe from the spread of germs and illness that could otherwise be a risk when using a contact dependent modality such as fingerprint or palm vein recognition. The fact that schools continue to adopt iris recognition for identification due to it’s hygienic, non-contact features begs the question — shouldn’t hospitals adopting biometric patient identification tools be investigating non-contact biometric modalities too?

Non-Contact, Hygienic Biometric Patient ID in Healthcare

In the healthcare industry, patient safety is the #1 priority. Rising conscientiousness about new strategies to keep patients safe rise combined with the explosion of digital health tools has pushed hospitals to re-assess hospital acquired condition (HAC) control policies and implement new platforms and monitoring programs that provide a safer and more hygienic environment for patient care. In addition, new policies by Medicare now penalize hospitals with high HAC rates raising the level of urgency to adopt digital health tools that support hospital infection control policies.

In lockstep with the urgency to increase patient safety in any possible way, hospitals and healthcare organizations are quickly catching on to the benefits of using biometrics for patient identification as a means to increase patient safety but what they are also discovering is that not all biometric hardware modalities have the ability to offer a non-contact, hygienic experience. Biometric hardware that requires physical contact by a patient can be interpreted as non-hygienic and raises the risk of HAC’s if the device is not properly sanitized after each use. Even when properly sanitized, these devices still pose a threat to patient safety due to the fact that cleaning agents do not have the ability to remove 100% of germs or bacteria.

Upon further research, healthcare entities learn that using iris recognition for patient identification in healthcare offers the use of an iris camera that a patient does not touch, helping to support hospital infection control policies and ensure that no one is susceptible to germs or bacteria that could cause an infection or illness. 

Patient Acceptance is Key

Despite the advantages of using iris recognition for patient ID in healthcare, certain stigmas exist about this technology that may make a healthcare organization hesitant to adopt. Many feel that iris recognition is too invasive and beams visible light into a patient’s eyes to determine their identity. In reality, iris recognition is often confused with retinal scanning which does use visible light for identification. Iris recognition instead uses camera technology with subtle infrared illumination to acquire images of the detail-rich, intricate structures of the iris. It’s 100% safe, and our field research has proven that patients are overwhelmingly accepting of using iris recognition for identification when presented with the option to protect them from duplicate medical records, fraud, and medical ID theft. 

Plus, iris recognition for patient ID offers other benefits such as the ability to identify unconscious or unknown patients and is built on one-to-many matching, the only true way to prevent duplicate medical records and medical identity theft in healthcare. 

Conclusion

Iris recognition has proven to be one of the most popular biometric modalities for individual identification for a number of reasons, including it’s non-contact, hygienic form factor that protects end users from germs and bacteria that otherwise exist on alternative biometric hardware devices. Hygiene has a rising influence in determining which hardware modality is utilized in  biometric identification management projects, and the advantages of using iris recognition biometrics has positioned the technology for strong adoption growth in the years to come.

How important is hygiene to you when selecting a biometric hardware modality?

biometric patient identification using iris recognition

Brian joined RightPatient in July 2015 as Enterprise Sales Consultant for the Midwest Region. Prior to RightPatient, Brian held several roles in sales management and new business development achieving over 15 years of experience working with the healthcare/hospital industry. 

biometric patient identification systems should offer multiple modalities

Why We Offer a Choice of Hardware Modalities for Biometric Patient ID

biometric patient identification systems should offer multiple modalities

Understanding the value of using a biometric patient identification solution that offers a choice of multiple biometric modalities is key to a better understanding of how this technology can truly increase patient safety in healthcare.

The following guest post was written by David Cuberos, Enterprise Sales Consultant with RightPatient®

On many occasions throughout the course of conversations with different hospitals and healthcare systems, the question of which biometric modality to deploy for a biometric patient identification management project always surfaces. After all, choosing which biometric hardware modality to deploy is a critical factor for patient acceptance and efficient system performance – metrics that have a significant impact on the success and return on investment (ROI) of the initiative. More often than not when our customers and community get an in depth look at the variety of biometric hardware modalities we offer compared to other alternatives, they are curious about why we would support multiple devices instead of just one, and what the pros and cons are of each. The answer uncovers an important, but not frequently discussed attribute of biometric patient identification solutions that hospitals and healthcare organizations should be aware of.

Experience in Biometrics and Health System Integration Matters

The origins of RightPatient®’s biometric matching technology trace back 13 years through the experience and global track record of managing both small and large scale biometric identification management projects in many different industries by our parent company M2SYS Technology. As a proven innovator and expert in biometric matching technology, our experience has taught us that the success of these initiatives is largely dependent on ensuring that the biometric modality used matches the unique needs of our end users, offers the flexibility to change or add a modality in the future, has the ability to be customized prior to launch, and is easily scaled up as the deployment grows. 

Experience in managing biometric identification management projects has also taught us the importance of using human factor engineering as part of our system design process based on understanding what makes a task easy for hospital staff and what makes it hard in order to ultimately develop biometric tools that would support healthcare organization goals.  Deployments became more about identifying solutions that would cut down on “human error” and providing biometric hardware and software systems that fit employee need and workflow and less about deploying a solution that used the most popular and well known technology and relied on traditional conventions.

Ergonomics have become more influential in biometric patient ID system design, and training curriculum was refined to reflect the sources of expert performance, and how hospital staff acquire expertise in working with biometric identity systems. And perhaps most importantly, biometric deployments based on human factor engineering are designed to make systems more resilient in the face of shifting demands.   

Hardware diversity, patient identification mobility, and back end databases that use certain biometric matching types are the only way that hospitals will be able to reach pre-deployment defined goals of eliminating duplicate medical records/overlays, preventing medical ID theft/fraud, and increasing patient safety. The biometric hardware chosen for a deployment has a direct effect on achieving these goals which is why it becomes a critical decision in the overall project scope.

The Problem of “Locking In” to One Biometric Modality System Platform

Biometric vendors who only offer a choice of deploying one biometric modality system for a patient ID initiative are hamstrung by the limitations of the device manufacturer. In other words, they “lock” you into using one biometric modality system that inhibits the ability to expand a deployment to meet the new realities of identifying patients in healthcare – biometric patient ID systems must now be able to offer patient identification at new touchpoints along the care continuum (e.g. – smart mobile devices, patient portals, and telehealth) and not just accurate ID at the point of service. Biometric patient ID systems that rely on one biometric modality can’t offer this flexibility because they can’t identify patients in these scenarios and often times, hospitals who deploy these solutions must either make another investment in a system that does have this capability, or risk not addressing how to offer accurate patient identification for the aforementioned new patient touchpoints – a risk that could have extremely negative repercussions should a patient be mis-identified or a clinician misses key patient health data missing from their medical record.

Deploying a biometric patient authentication system that offers a variety of modalities is the only way a hospital can meet the increasing complications of ensuring accurate identification along the care continuum at new touchpoints, using voice or facial recognition biometrics for smart mobile devices as an example. Absent of this flexibility, hospitals and healthcare organizations are running the risk of non-authorized individuals accessing sensitive personal health information (PHI), or medical information not being attributed to the proper records which is a direct threat to patient safety and an extreme liability.

The ability to establish and maintain patient data integrity is also called into question when locking into a single biometric modality system. The holy grail of patient data integrity is to achieve 100% accuracy, cleanse a master patient index (MPI) of any duplicate medical records/overlays, and then have the ability to maintain that level of integrity as the database grows. Since single biometric modality systems do not have the ability to address accurate patient identification at all touchpoints along the care continuum, hospitals and healthcare organizations run the risk that a care event will either be administered to the incorrect patient, or medical data could be accessed and stolen by an unauthorized individual. Deploying multiple biometric modalities such as facial and voice recognition to address accurate patient ID at ALL touchpoints is the only way that true patient data integrity can be established and maintained. 

Conclusion

As the biometric identification management industry continues it’s rapid pace of evolution and expansion parallel to the evolution and expansion of new patient touchpoints to access medical data and services, hospitals and healthcare organizations should be thinking of deploying a solution that leverages multiple modalities that can accurately identify patients no matter where they are. The only way to accomplish this is the use of a biometric patient ID solution that offers a choice of modalities and a high degree of flexibility for deployment to address various patient touchpoints along the care continuum.

Don’t fall into the trap that a one biometric modality system will be sufficient to ensure accurate patient ID and a high level of patient data integrity across the care continuum. Learn more about how a choice of biometric hardware modalities for patient identification in healthcare is a smarter investment that will truly help hospitals and healthcare organizations achieve the goals that measure the success of the initiative.

Partnering with a vendor that has deep experience in biometric identification management technology, a strong track record of healthcare system integration experience, and a history of innovation is the only way to achieve the results you expect.

What patient ID challenges have you experienced that were solved by the use of multiple biometric modalities? Please share your comments below.

biometric patient identification prevents duplicate medical recordsDavid Cuberos is an Enterprise Sales Consultant with RightPatient® helping hospitals and healthcare organizations realize the benefits of implementing biometrics for patient identification to; increase patient safety, eliminate duplicate medical records and overlays, and prevent medical identity theft and healthcare fraud.