Health care fraud costs the country tens of billions of dollars a year. It’s a rising threat, with national health care expenditures estimated to exceed $3 trillion in 2014 and spending continuing to outpace inflation. Recent cases also show that medical professionals continue, and may be more willing, to risk patient harm in furtherance of their schemes. The FBI is the primary agency for exposing and investigating health care fraud in the U.S., with jurisdiction over both federal and private insurance programs. We seek to identify and pursue investigations against the most egregious offenders involved in health care fraud through our investigative partnerships with federal, state, and local agencies, as well as our relationships with private insurance national groups, associations, and investigative units. Our field offices proactively target fraud through coordinated initiatives, task forces and strike teams, and undercover operations.

Medical Equipment Fraud: Equipment manufacturers offer “free” products to individuals. Insurers are then charged for products that were not needed and/or may not have been delivered.

“Rolling Lab” Schemes: Unnecessary and sometimes fake tests are given to individuals at health clubs, retirement homes, or shopping malls and billed to insurance companies or Medicare.

Services Not Performed: Customers or providers bill insurers for services never rendered by changing bills or submitting fake ones.

Medicare Fraud: Medicare fraud can take the form of any of the health insurance frauds described above. Senior citizens are frequent targets of Medicare schemes, especially by medical equipment manufacturers who offer seniors free medical products in exchange for their Medicare numbers. Because a physician has to sign a form certifying that equipment or testing is needed before Medicare pays for it, con artists fake signatures or bribe corrupt doctors to sign the forms. Once a signature is in place, the manufacturers bill Medicare for merchandise or service that was not needed or was not ordered.

Tips for Avoiding Health Care Fraud or Health Insurance Fraud:

• Never sign blank insurance claim forms.
  
  
• Never give blanket authorization to a medical provider to bill for services rendered.
  
  
• Ask your medical providers what they will charge and what you will be expected to pay out-of-pocket.
  
  
• Carefully review your insurer’s explanation of the benefits statement. Call your insurer and provider if you have questions.
  
  
• Do not do business with door-to-door or telephone salespeople who tell you that services of medical equipment are free.
  
  
• Give your insurance/Medicare identification only to those who have provided you with medical services.
  
  
• Keep accurate records of all health care appointments.
  
  
• Know if your physician ordered equipment for you.

Still are app developers careless with user data. A study by the Fraunhofer SIT showed that several million records are at risk in the cloud - for a lax handling of authentication.

Developers are still storing unprotected preferred secret keys and tokens for access to the cloud storage in their apps. With little effort it can get read. For this criminals can get access to databases such as the Amazon Web Services (AWS) or Facebook. By this way are up to 56 million records compromised, estimates the Fraunhofer Institute for Security in Information Technology (SIT).

Together with the Technical University of Darmstadt and expert from Intel examined the Fraunhofer SIT in an automated process about two million apps in Google Play Store and Apple's App Store. In many has been the simplest form of authentication for access to cloud providers implemented. The developers are probably not aware of how inadequate the information are protected and getting collected by the Apps Data.

Unrestricted access to customer data

In their experiments, the scientists could not only read highly personal information, such as who are friends with whom Facebook or health information, from some app users. Using the secret key actually they could read complete user databases or even could manipulate them.

The report concludes that user cannot become actively protect. You should be careful what app you entrust personal information. Developers, however, should be better informed of the safety precautions of the cloud provider and implement more restrictive access controls in their apps. The researchers have already informed some developers on the most critical vulnerabilities.

Cloud providers have to act

Even with the providers of cloud services is the Fraunhofer SIT in contact. Both, Amazon and Facebooks Parse.com, Google and Apple have been informed of the findings too. The cloud providers also incumbent responsibility to bring the app developers to use not only the most vulnerable authentications. In addition, the cloud provider should make not convenient, but the safest possible standards mandatory.

The problem is not new. Already in June 2014 did researchers of the New York's Columbia University, a similar investigation and covered a distance of thousands of secret access token for Amazon Web Services open. The researchers then criticized that many developers did not follow the recommended conversions when programming their Apps and imbedded secret keys directly into the source code. They are apparently unaware of how simple source code can be translated back. In March 2014 researchers had discovered ten thousands of AWS credentials on Github.