Sorry for this long post. I'm trying to implement some better security settings for the office and it can be a little hard to wrap my head around all of this. I searched for this subject and there weren't a lot of posts talking about it so hopefully it can help others out as well.
Obviously the easiest way to embezzle some money from the office is to pocket cash and alter the records to hide what has happened. As far as I understand it, if you did pocket the cash and try to hide it, the most likely (and therefore worth the effort) ways to change a fee are:
1- before completing the procedure (avoid this problem by having the procedures set complete by assistant on clinical computers and not allowing front office computers the ability to edit completed procedures. Check for deleted procedures to make sure front office doesn't delete what you set complete and make a new version that they alter before setting complete on a clinical computer)
2-after competing the procedure as an adjustment or edit (all adjustments to a completed procedure show up in audit, look specifically in the ProcComplEdit list for the word “delete” and dollar amounts which would show the altered charge amount). Looking over these though, there are many things that show the dollar amount under the ProcComplEdit thus making it hard to tell if it was an altered cost or not. Does anyone have any recommendations on how to monitor or prevent this?
3-and as an insurance adjustment later (avoidance discussed below)...
Let me know if my thought process is correct on this...
Staff can do this change at the time of payment, when the insurance check arrives or anytime in between. This seems like it would be hard to verify because insurance adjustments vary a lot and come a few weeks down the road. How do you stay on top of all the scenarios and complicated ways that someone could alter a payment using this method...would you only allow insurance adjustments on a certain day of the week or with someone else present or physically compare statements when insurance check comes in? To make it even more complicated it looks like we enter the insurance adjustments two times for some people. We do the estimated insurance writeoff on newer plans, then when the check comes we sometimes were incorrect and have to do another write off. How do you verify that an insurance writeoff was for being a PPO and not staff altering it and pocketing the money?
Furthermore, to avoid the most likely forms of embezzlement, I check all statements for the checking and CC accounts so nothing slips through there. I know nothing is 100% fool proof, but are there other easy ways for staff to embezzle that I haven't addressed here? Am I missing any ways to alter the fee?
If your security settings are such that people can't change amounts without doing an adjustment, do you need to do the following: print off the daily production sheets and then later the monthly production sheet and make sure the daily totals match the monthly and then at the end of the year make sure the monthlies match the yearly?
In summary, besides setting up security clearances correctly, printing a paper trail to compare production totals and setting procedures complete in the room one should check the following things using the audit feature::
make sure adjustments match up with needs (ie-if you offer a Senior Citizen discount, make sure it was on a patient that is that age) by doing AdjustmentCreate and Adjustment/Edit
ChooseDatabse to make sure nothing complex going on there
DepositSlips to make sure none were changed after being created
PaymentEdit
ProcComplEdit
Anything else?
Feel free to email me if you feel more comfortable (opendentalforum@snoqualmieOPENDENTALdental.com just replace opendental with the word "falls").
Embezzlement Avoidance - Long
Re: Embezzlement Avoidance - Long
A couple of things came to mind. First, you seem to have a pretty good handle on the cash side of embezzlement. Basically limit their access to editing procedures and check the adjustments every so often. As far as credit card payments and checks, thats a different story. You'd have to have someone who was pretty smart and ballsy to be able to embezzle credit card payments and checks. If someone did embezzle an insurance check you could find this by doing some type of query to look for an insurance claim with no payment and a writeoff. There would still be false positives, but it would give you a good starting point to check from.