Implementing abuse and fraud detection in DRG-based payment: an integrated approach using analytics, patient-level costing, and evidence-based practice

1. Introduction

Major Diagnostic Categories (MDCs) and Diagnosis-Related Groups (DRGs) underpin prospective (case-based) payment by assigning inpatient stays to clinically coherent groups and paying a predetermined amount based largely on a relative weight (resource intensity) multiplied by a standardized/base rate, with further policy adjustments (e.g., wage index, teaching, disproportionate share, outliers). Under Medicare’s Inpatient Prospective Payment System (IPPS), for example, the Office of Inspector General (OIG) describes the operational payment logic as “DRG weight × standardized amount,” with additional adjustments layered onto the base payment.

Prospective payment improves cost discipline, but it also creates predictable gaming surfaces: when revenue depends on coded diagnoses/procedures and discharge status, some actors can increase payment by manipulating codes, fragmenting bills, or selecting “profitable” patients (cherry picking/lmeon dropping). The OIG’s hospital compliance guidance explicitly flags multiple risk areas, including upcoding, “DRG creep,” billing for services not actually rendered, medically unnecessary services, and unbundling. 

Accordingly, a credible DRG fraud-and-abuse program must (i) detect anomalous coding and billing patterns, (ii) validate clinical appropriateness and documentation, and (iii) deter recurrence through governance, controls, and feedback. This essay outlines an implementable framework and then shows how patient-based costing (PLICS/ABC) and evidence-based medicine/practice (EBM/EBP) strengthen identification, investigation, and prevention including “cherry picking” and “lemon dropping.”

2. Fraud and abuse vectors specific to DRG payment

2.1. Coding inflation: upcoding and “DRG creep”

The Office of Inspector General (OIG) defines upcoding as using a billing code that pays more than the code that reflects the service actually furnished, and defines “DRG creep” as billing a DRG code with a higher payment rate than the DRG that accurately reflects the service furnished.

Empirically, upcoding is a measurable phenomenon in hospital payment: recent peer-reviewed work estimates material payment effects from upcoding in hospital settings (among other provider settings), and other analyses link coding intensity to payment growth.

2.2. Unbundling and duplicate/fragmented billing

The OIG defines unbundling as billing in fragmented fashion to maximize reimbursement for tests/procedures that are required to be billed together.

In DRG contexts, unbundling risk concentrates around services that should be subsumed under the case-based payment but are billed separately (or billed in ways that create duplicate reimbursement).

2.3. Phantom billing and non-rendered services

While “phantom billing” is often used colloquially, the compliance risk is precisely captured by the OIG’s category billing for items or services not actually rendered (submitting a claim representing that a service was performed when it was not).

2.4. Medically unnecessary services

The OIG identifies medically unnecessary services as claims intentionally seeking reimbursement for services not warranted by the patient’s current and documented condition, explicitly linking to the “reasonable and necessary” coverage principle.

In DRG settings, unnecessary services can be used to justify higher-severity coding, trigger procedure-driven DRGs, or support post-acute transfers that affect payment.

3. A practical implementation model for DRG abuse and fraud detection

An effective program is best designed as a closed-loop integrity system with three coupled capabilities: (A) detection analytics, (B) clinical/coding validation and investigation, and (C) prevention and deterrence. The OIG hospital compliance guidance emphasizes building internal controls that promote prevention, detection, and resolution of nonconforming conduct.

3.1. Governance and operating model

Core components

  1. Compliance governance: Competent board oversight, competent compliance officer authority, and documented policies aligned to known risk areas (upcoding/DRG creep, unbundling, duplicate billing, medical necessity).
  2. Clinical documentation integrity (CDI) with guardrails: CDI programs should improve accuracy, but must be monitored to avoid becoming a “revenue optimization” mechanism that increases coding intensity without clinical justification.
  3. Audit and response protocols: Defined thresholds for pre-bill holds, post-bill audits, repayment, and corrective action.
Note: The “thresholds” are pre-defined decision rules that tell you when an integrity signal is serious enough to trigger a specific control (hold the claim, audit it, repay money, or escalate corrective action). The point is consistency, defensibility, and speed - so you’re not arguing case-by-case about whether to act:
  • A pre-bill hold means you pause submission (or release) of a claim until a quick validation is done.
  • A post-bill audit means you bill normally, but audit after payment (or after submission).
  • Repayment” thresholds specify when you return funds (or adjust claims) after confirming overpayment - often tied to quantified error and compliance requirements.
  • Corrective action thresholds define when you move from “fix the claim” to “fix the cause.”

3.2. Data foundation (minimum viable and mature-state)

Minimum viable dataset

  • Claim header/line items, DRG, MDC, discharge disposition, Length Of Stay (LOS), transfers, readmissions.
  • WHO ICD/WHO ICHI or ICD-10-CM/ICD-10-PCS diagnosis/procedure codes and present-on-admission (POA) indicators (where applicable).
  • Key EHR elements supporting clinical validity (labs, vitals, imaging timestamps, operative notes).
  • Provider/service line identifiers.
Note: The claim header (the “summary record” for the whole inpatient stay) contains one record that describes the entire claim/episode. Claim line items (the “detail records” under that header) contain multiple records linked to the header that itemize services/charges within the stay.

NoteProvider/service line identifiers are the fields in your data that tell you who delivered the care and which organizational unit or clinical specialty the activity belongs to. You use them to compare like-with-like (peer benchmarking) and to localize anomalies (is the problem a specific hospital, ward, specialty, or clinician?).

Mature-state additions

  • Grouper outputs (intermediate logic outputs where available).
  • Prior utilization history and risk adjustment variables.
  • External benchmarks (peer hospitals, region, national, international).
  • Patient-level costs (see Section 4).

3.3. Detection analytics: layered methods (rules + statistics + Machine Learning (ML))

Because “fraud” is rare and heterogeneous, detection performs best with ensembles:

Layer 1 - Deterministic edits (high precision)

  • Incompatible code combinations; implausible age/sex/procedure edits.
  • Discharge-status inconsistencies (e.g., transfer paid as full DRG when transfer rules apply - explicitly flagged as a concern in OIG guidance).

Layer 2 - Peer-group outliering (behavioral surveillance)

  • DRG shift monitoring: sudden increases in high-weight DRGs, (MS-DRG) CC (Complication/Comorbidity)/MCC (Major Complication/Comorbidity) capture rates, or severity levels vs. peers (APR-DRG SOI/ROM), adjusted for service mix.
  • Physician/coder-level fingerprints: which individuals or units drive changes.

Layer 3 - Clinical coherence checks

  • “Does the coded complication/comorbidity have evidentiary support?” (e.g., diagnostic criteria, medication use, ((inter)national) lab thresholds, documented treatment).
  • Time-sequence logic: condition present vs. hospital-acquired; procedure timing vs. diagnosis timing.

Layer 4 - Predictive and anomaly models

  • Unsupervised anomaly detection on multivariate features (association mining, coding patterns, Length Of Stay (LOS), discharge destinations).
  • Supervised models trained on confirmed audit outcomes (where labels exist).
  • Methodologically, measurement and detection of upcoding and related behaviors are active areas with published approaches that can be adapted to provider settings.
Note: Unsupervised anomaly detection on multivariate features means:

  • Unsupervised: you don’t have labels like “fraud” / “not fraud” from confirmed audits.
  • Anomaly detection: you try to find cases that look statistically unusual compared with the bulk of cases.
  • Multivariate features: you judge “unusual” using many variables at the same time, not one variable in isolation.
Note: A supervised model trained on confirmed audit outcomes is a machine-learning model that learns from past cases where an audit has already determined the ground truth (e.g., “coding correct” vs “overpayment due to unsupported MS-DRG CC/MCC or APR-DRG  SOI,” “medical necessity denied,” “unbundling confirmed”). Those audit results become the labels the model is trained to predict for new, unaudited claims.

3.4. Investigation workflow: from signal to finding

A detection signal is not a finding. A defensible investigation process typically includes:

  1. Triage: Rank alerts by expected overpayment, recurrence risk, and patient safety implications.
  2. Record retrieval and review: Programs like U.S. Centers for Medicare & Medicaid Services (CMS’s) Recovery Audit Contractors conduct post-payment reviews and, for complex reviews, require medical records via Additional Documentation Requests - illustrating the centrality of documentation to adjudication.
  3. Clinical validation: Physician-led review using explicit diagnostic criteria and guideline concordance (see Section 5).
  4. Coding validation: Independent coder review; compare initial coding, documentation, and coding rules.
  5. Root-cause analysis: Training gaps vs. process flaws vs. intentional misconduct.
  6. Disposition: Education, repayment, policy changes, referral to enforcement when warranted.

3.5. Prevention and deterrence

  • Pre-bill controls on high-risk DRGs and high-impact MS-DRG CC/MCCs or APR-DRG SOI/ROM.
  • Targeted education by unit/coder/clinician based on audit results.
  • Feedback loops into CDI templates and EHR documentation prompts (carefully designed to avoid leading documentation).
  • Contractual and payment policy levers (payer side): preauthorization for select high-risk pathways; focused medical necessity review.

4. How patient-based costing (PLICS/ABC) strengthens DRG fraud/abuse detection

4.1. What patient-level costing contributes

Patient-level costing systems (PLICS) link activity with financial data to estimate costs at the individual patient level rather than relying on averages. HFMA (Healthcare Financial Management Association) describes PLICS as providing patient-level resource detail (staff, drugs, diagnostic tests).

NHS England’s PLICS collections similarly operationalize patient-level cost submissions across settings and specify that the collection contains unit costs for inpatient admissions and other activity, collected annually.

Note: Patient-level costing systems (PLICS) represent a bottom-up, activity-based costing (ABC) approach in healthcare that assigns actual costs to individual patient encounters (treatments, drugs, staff time) rather than departments.

4.2. Identification: costing-based red flags that claims-only data misses

Patient-level costing enables economic plausibility checks that complement clinical plausibility:

1. High-weight / low-cost anomalies

If DRG severity (e.g. MS-DRG CC/MCC or APR-DRG SOI) rises but patient-level direct costs (ICU nursing, pharmacy, imaging, OR time) do not move accordingly, this pattern can indicate unsupported severity coding (or systematic documentation/coding weaknesses). This is especially useful where coding changes precede any observable change in resource consumption.

2. Resource-signature mismatch

Certain diagnoses/procedures imply characteristic resource bundles (e.g., ventilation supplies, ICU time, specific drug classes). PLICS/Activity Based Costing (ABC) can detect cases where coded intensity implies resources that are absent from the costed care journey.

3. Within-DRG variance decomposition

Patient-Level Information and Costing Systems (PLICS) allows partitioning variance into clinically explainable drivers vs. unexplained residuals. High residual variance clustered by clinician/coder/unit is a strong audit target.

4. Unbundling detection through cost and charge reconciliation

Where services should be included in the DRG payment, fragmented billing often shows up as separate billed items without corresponding incremental resource consumption, or as duplicated cost allocations across encounters.

4.3. Investigation: reconstructing the care pathway

With PLICS, investigators can reconstruct “what happened” in operational terms:

  • Timeline of costed events (imaging, labs, operating theatre, bed-days, process mining).
  • Identification of missing expected elements (e.g., no ICU costs despite ICU-coded diagnoses).
  • Rapid case sampling: prioritize cases with the largest divergence between expected resource patterns and observed costs.

4.4. Prevention: pathway management and “fraud-resistant” process design

Patient-level costing supports prevention by enabling:

  • Standard pathway costing for DRG cohorts; outlier pathways trigger prospective review (e.g. process mining).
  • Service-line dashboards linking coding, outcomes, and true costs to reduce incentives for coding-driven margin seeking.
  • Cross-checks between CDI prompts and real resource use to ensure documentation improvements reflect real care complexity.

5. How EBM and EBP support DRG abuse/fraud detection and prevention

5.1. EBM/EBP as an adjudication lens for “medical necessity” and coding validity

Sackett et al. define evidence-based medicine (EBM) as the conscientious, explicit, and judicious use of current best evidence in decisions about individual patient care, integrating clinical expertise with external evidence.

This matters for integrity because several DRG risk areas hinge on clinical justification: the OIG explicitly highlights medically unnecessary services and upcoding/DRG creep.

5.2. Identification: guideline-concordance analytics

Evidence-Based Medicine (EBM)/Evidence-Based Practice (EBP) can be operationalized into surveillance rules such as:

  • Indication checks: procedure-coded DRGs require documented indications supported by guidelines (e.g., appropriateness criteria).
  • Complication validity: claimed complications should meet defined diagnostic criteria and be treated accordingly.
  • Overuse signals: patterns of low-value testing or treatment can indicate medical necessity risk. Choosing Wisely aggregates hundreds of recommendations from specialty societies about commonly overused or unnecessary tests and treatments and can be used as a structured library for “overuse audit triggers.”

These are not “proof of fraud,” but they are high-yield filters for targeted chart review.

5.3. Investigation: structured clinical review

Evidence-Based Practice (EBP) strengthens investigations by making reviews reproducible:

  • Use explicit criteria ((inter)national) guideline-based) rather than implicit judgement alone.
  • Document reasoning for why coding is/ չէ is not clinically supported.
  • Differentiate (i) true clinical complexity, (ii) documentation gaps, and (iii) intentional misrepresentation.

5.4. Prevention: embedding evidence into workflows

Clinical decision support: guideline prompts to reduce unnecessary tests/procedures (reducing both patient harm and billing risk).

Documentation standards: templates that encourage clinically meaningful detail (not leading language).

Audit feedback: case-based learning tied to guideline evidence and coding rules.

6. Cherry picking and lemon dropping under DRG payment: identification, investigation, prevention

6.1. Definitions and why DRGs can induce selection behavior

“Cherry picking” (cream skimming) and “lemon dropping” refer to provider behaviors that select patients who are profitable under fixed case payments and avoid patients likely to be unprofitable (complex, comorbid, socially challenging). Recent work in DRG economics explicitly analyzes cherry picking and upcoding as strategic responses to DRG reimbursement.

Health policy literature on case-based payments also discusses “cream-skimming,” “cherry picking,” and “lemon dropping” as potential responses to payment reforms.

6.2. Identification: measurable indicators of selection and avoidance

A defensible detection strategy uses risk-adjusted, peer-benchmarked indicators, for example:

1. Case-mix discontinuities

  • Sudden shifts toward DRGs with historically high margins (high payment relative to cost) and away from DRGs with chronic losses - especially if local epidemiology is stable.

2. Severity distribution anomalies

  • Abnormal scarcity of high-severity patients in service lines that should see them (e.g., low proportion of high SOI/ROM in APR-DRG settings), while volume remains stable.

3. Transfer and discharge pattern anomalies

  • Excessive early transfers-out of high-cost patients, unusual discharge destinations, or patterns consistent with “dumping” risk.

4. Access and scheduling indicators

  • Longer wait times or higher cancellation rates for complex patients vs. uncomplicated ones.

6.3. Investigation: separating legitimate specialization from improper selection

Not all selection is improper: regionalization and specialization can be clinically optimal. Investigation should therefore test:

  • Capability and competence justification (specialty services, staffing, ICU capacity, accreditation).
  • Clinical appropriateness of transfers and discharges.
  • Consistency with emergency access obligations, where applicable.

In the U.S., EMTALA was enacted to ensure access to emergency services regardless of ability to pay and imposes screening and stabilizing-treatment/transfer obligations on Medicare-participating hospitals with emergency services.

While EMTALA is not a DRG policy, it is directly relevant when “lemon dropping” manifests as inappropriate emergency transfers or refusal to treat.

6.4. Prevention: policy, contracting, and monitoring

  • Risk adjustment and outlier policy refinement: reduce predictable underpayment for “lemons” (e.g., better severity adjustment, stop-loss/outlier calibration).
  • Network and access requirements: contractual obligations for equitable access and monitoring of acceptance/transfer rates.
  • Clinical escalation pathways: require documented medical rationale for transfers.
  • Transparency dashboards: publish internal metrics on complexity mix, transfers, and outcomes by service line to create reputational and managerial accountability.

7. DRG variants and weight maintenance: why this matters for integrity controls

Because DRG grouping logic and weights change over time, integrity analytics must be version-aware. CMS publishes annual IPPS rule materials and describes using cost report data to calculate cost-to-charge ratios for MS-DRG relative weight methodology.

For APR-DRGs, Solventum describes annual releases reflecting ICD updates and notes that it calculates and releases annual statistics including a relative weight reflecting average resource use relative to all inpatients.

Some payers explicitly note annual updates of Solventum national weights. 

Therefore, detection baselines must be re-normalized each year (or each grouper/version change) to avoid false positives.

8. Conclusion

DRG-based payment systems require integrity programs that are simultaneously computational (detecting anomalies), clinical (validating medical necessity and documentation), and operational (preventing recurrence). A robust implementation couples:

  1. governance aligned to known risk areas (upcoding/DRG creep, unbundling, non-rendered services, unnecessary care),
  2. layered analytics with peer benchmarking and clinical coherence checks,
  3. an investigation pipeline grounded in record review practices similar in structure to established audit programs, and
  4. prevention controls that reshape incentives.

Patient-level costing (PLICS/ABC) adds a powerful second lens - resource reality - which improves both detection precision and root-cause clarity.

EBM/EBP adds a third lens - clinical appropriateness - that operationalizes “reasonable and necessary” into auditable criteria and reduces overuse signals that can masquerade as legitimate complexity. 

Finally, monitoring and mitigating cherry picking/lemon dropping requires risk-adjusted access and transfer surveillance and, where applicable, strict compliance with emergency access obligations.

Bibliography (selection)

U.S. Department of Health and Human Services, Office of Inspector General. Compliance Program Guidance for Hospitals. Federal Register. 1998;63(35).

U.S. Department of Health and Human Services, Office of Inspector General. Medicare Hospital Prospective Payment System: How DRG Rates Are Calculated and Updated (OEI-09-00-00200).

Centers for Medicare & Medicaid Services (CMS). FY 2026 IPPS Final Rule Home Page (materials describing MS-DRG relative weight methodology inputs). 2026.

CMS. Medicare Fee for Service Recovery Audit Program (program description of automated/complex reviews and documentation requests). 2025.

Sackett DL, Rosenberg WMC, Gray JAM, Haynes RB, Richardson WS. Evidence based medicine: what it is and what it isn’t. BMJ. 1996;312:71–72.

Choosing Wisely (ABIM Foundation initiative). Choosing Wisely recommendations and campaign materials.

NHS England / NHS Digital. Patient Level Information and Costing System (PLICS) Data Collections (scope and unit-cost content; annual collection). 

Healthcare Financial Management Association (HFMA). What is patient-level costing (PLICS)?

Solventum. All Patient Refined Diagnosis Related Groups (APR DRGs) Classification System (annual releases; severity levels; relative weight description).

Mississippi Division of Medicaid. APR-DRG Frequently Asked Questions (statement on annual update of Solventum national weights). 2026.

Joiner, K. A., Lin, J., & Pantano, J. (2024). Upcoding in medicare: where does it matter most?. Health Economics Review, 14(1), 1. (peer-reviewed analysis of upcoding magnitudes across settings).

Crespin, D., Dworsky, M., Levin, J., Ruder, T., & Whaley, C. M. (2024). Upcoding Linked To Up To Two-Thirds Of Growth In Highest-Intensity Hospital Discharges In 5 States, 2011–19: Study examines hospital patient discharges with highest-intensity charge codes. Health Affairs, 43(12), 1619-1627.

LEVIN, J. S., CRESPIN, D. J., KIM, J., REID, R. O., WHALEY, C. M., & DWORSKY, M. (2024). Methodologies to Measure Upcoding in Provider Settings. A Scoping Review. RAND Corporation.

Savva, N., Debo, L., & Shumsky, R. A. (2023). Hospital reimbursement in the presence of cherry picking and upcoding. Management Science, 69(11), 6777-6799. (analysis of strategic responses under DRG reimbursement)

CMS. Emergency Medical Treatment & Labor Act (EMTALA) (statutory purpose and obligations summary).

Van Osta P., An essay concerning a new healthcare.

Popular posts from this blog

Hervorming van de Belgische ziekenhuisfinanciering - struikelblokken & mogelijke hervormingsscenario's en hun voor- en nadelen

Inleiding De hervorming van de Belgische ziekenhuisfinanciering is al decennia onderwerp van debat. Hoewel de noodzaak tot hervorming breed wordt erkend -o.a. omwille van toenemende zorgkosten, vergrijzing en ongelijkheden - zijn er verschillende structurele en politieke obstakels die echte verandering bemoeilijken. De belangrijkste struikelblokken zijn: Complex institutioneel landschap België is een federale staat met bevoegdheden die onevenwichtig verspreid zijn over: Federale overheid (o.a. ziekenhuisfinanciering, RIZIV) Gemeenschappen en gewesten (o.a. preventie, infrastructuur) Deze versnippering leidt tot: Gebrekkige beleidscoördinatie (initiatieven, implementatie en organisatie) Trage besluitvorming Conflicten tussen bevoegdheidsniveaus (geen hiërarchie in bevoegdheden) Structurele versnippering: De financiering en bevoegdheden zijn verdeeld over het federale en regionale niveau (6e staatshervorming), wat hervormingen politiek complex maakt. Ziekenhuizen worden g...
Read more

The relation between EHDS and OHDSI OMOP CDM

The European Health Data Space (EHDS) and the Observational Medical Outcomes Partnership (OMOP) Common Data Model (CDM) are both key initiatives aimed at enabling the interoperability, secondary use, and harmonization of health data across Europe. However, they serve different but complementary roles. Overview of the European Health Data Space (EHDS) The EHDS is a European Union (EU) initiative designed to: Improve the use and exchange of health data across EU member states. Enhance healthcare delivery and research by enabling cross-border access to electronic health records (EHRs), genomic data, and registries. Ensure data privacy and security under GDPR (General Data Protection Regulation) and other European legal frameworks. Promote a federated data-sharing ecosystem, where different institutions can securely access and analyze health data without centralized storage. Key Components of EHDS: Primary use of health data: Facilitates healthcare delivery across borders. Secondary use of...
Read more

De ontwikkeling van het marktaandeel van Belgische ziekenhuizen - externe en interne factoren

De ontwikkeling van het marktaandeel van een Belgisch ziekenhuis wordt beïnvloed door zowel externe als interne factoren. Deze kunnen positief of negatief uitwerken, afhankelijk van hoe ze worden beheerd of hoe de context evolueert. Externe factoren (buiten de organisatie) Positieve invloeden: Vergrijzing en verzilvering van de bevolking - Meer vraag naar zorgdiensten, vooral geriatrie, chronische (multidisciplinaire, transmurale) zorg en revalidatie. Technologische vooruitgang - Door samenwerking met competente technologie-partners kan het ziekenhuis zich profileren als innovatief, wat verwijzingen door huisartsen bevordert en patiënten aantrekt. Samenwerking binnen goede georganiseerde zorgnetwerken (bv. ziekenhuisnetwerken) -Toegang tot bredere patiëntpopulaties (geografisch, demografisch) en effectievere en efficiëntere zorgstructuren. Reputatie in de regio -Positieve mond-tot-mondreclame door huisartsen en patiënten, samen met goed gefundeerde en wetenschappelijk onderbouwde...
Read more