Whistleblowing to Expose Criminal Activity in the Health Sector

Whistleblowing to Expose Criminal Activity in the Health Sector

Niyi Awofeso (School of Health and Environmental Studies, Hamdan Bin Mohammed Smart University, UAE)
Copyright: © 2020 |Pages: 16
DOI: 10.4018/978-1-5225-9715-5.ch021
OnDemand PDF Download:
No Current Special Offers


A whistleblower is an employee who alleges wrongdoing by his or her employer (or any organization) of the sort that violates public law or tends to adversely affect the public or at least some members of the concerned organization. The World Health Organization cites healthcare-related fraud as one of 10 leading causes of inefficiency in health systems. Despite the potential of whistleblowing to reduce healthcare fraud and unearth criminal negligence with respect to patient safety, it remains a highly controversial approach for exposing criminal activity and improving patient safety in the health sector. This chapter discusses the main aspects of healthcare fraud as well as the potential of whistleblowing to address such widespread health system deficiencies, particularly those cybersecurity-related. The author favours internal whistleblowing for criminal misdeeds in the health sector as a first resort. Veracity of whistleblowing allegations should not be taken for granted, and due process must be accorded all individuals accused of criminal negligence or fraud.
Chapter Preview


Whistleblowing is the non-obligatory act of disclosing information about unethical or criminal activity in an organization. Although most instances of whistleblowing in the health sector relate to patient safety issues such as reporting on poor clinical outcomes involving a single individual over a period (Dyer, 2005; Bolsin et al, 2011), the health sector is not immune from criminal activity. Health care fraud – defined as an intentional deception or misrepresentation that the individual or entity makes knowing that the misrepresentation could result in some unauthorized benefit to the individual, or the entity or to some other party - is a major crime in most nations, accounting for 2% to 10% of total healthcare costs. In countries with universal health insurance such as UAE, health insurance fraud may account for up to 10% of total health insurance claims (Awofeso, 2017). The World Health Organization has cited fraud as one of 10 leading causes of inefficiency in health systems (WHO, 2010). The current global average loss rate of 6.19% attributable to health system fraud expressed as a proportion of 2013 global health budget of $7.35 trillion equates to $455 billion (Gee and Button, 2015).

In most other nations, (external) whistleblowing – leaking information to the press or independent healthcare complaints boards, for example, is discouraged due to reputational effects on the organization. Pertinent in this regard is the impact of vexatious whistleblowing, in which whistleblowers may accuse healthcare personnel of, for example, research fraud, without substantiating their claims – leading to incalculable damage to professional and organisational reputation (Wright, 2010). There is also a somewhat paternalistic reason why some organizations appear to discourage (external) whistleblowing – whistleblowers suffer substantial ostracization from colleagues and senior management, even if the whistleblower’s accounts are true. (van de Verden et al, 2018). Whistleblowing situations are stressful and may cause physical and emotional health problems for both whistleblowers and non-whistleblowers (McDonald & Ahern, 2002).

Over the past three decades since the World Wide Web became established internationally, it has produced mixed results for both facilitating and preventing criminal activity in the health sector. With the expansion in online use of health care in payments, data storage and medical devices using online platforms, the risks to patient data confidentiality and cyberattacks on medical devices have increased exponentially. Since 2000, the American Medical Association gas deemed internet healthcare ethics an important sector, and implemented principles governing websites that its members use for health related purposes, such as; “Medical websites, more than any other type of site on the Internet, should ensure visitors' personal privacy and prevent personal medical information, including patterns of use and interests, from being sold, purchased, or inadvertently entering the hands of marketers, employers, and insurers.” (Winker, Flanagi, Chi-lum et al, 2000). With internet technology being increasingly used in health care medical devices as well as in and health care research, risks related to hacking of medical devices and falsification of research data may increase. According to the 2018 Stericycle Recall Index report, there was a 126% increase in recalls of medical devices such as cardiac pacemakers between 2017 and 2018, mainly due to software hacking vulnerabilities (Stericycle Expert solutions, 2018). The use of internet-based media outlets enables whistleblower activities to reach every corner of the globe, with major adverse consequences for the organization and the whistleblower. These issues illustrate the nexus between healthcare, the internet and illegal or unethical activities.

Key Terms in this Chapter

Veracity: Conformity to facts; accuracy. Veracity is often difficult to establish in whistleblowing contexts since most whistleblowers have only limited information on a specified issue. Consequently, a significant proportion of external whistleblowing incidents have been found to be false. Contemporary whistleblowing laws such as the 2019 law in Australia require whistleblowers to provide objective evidence as condition to raising concerns internally or externally.

Criminal Negligence: Reckless disregard for the lives or safety of other persons. In health care contexts, healthcare providers have a fiduciary responsibility for providing appropriate treatment to patients under their care. Many nations have laws that make overt negligence in the provision of healthcare a criminal offence.

Raising Concerns Policy: Otherwise labelled “freedom to speak up” and “internal whistleblowing” such policies provide standardization of internal channels for speaking up about illegal or unethical practices and provide support and required anonymity for the employee who raises a concern.

Health Research Fraud: Intentional misrepresentation of the methods, procedures, or results of healthcare research. Behavior characterized as scientific fraud includes fabrication, falsification, or plagiarism in proposing, performing, or reviewing scientific research, or in reporting research results. Health research fraud is unethical and often illegal. A good example of such fraud with major ramifications is the measles-autism link published in the lancet but retracted in 2010 when it was confirmed that the study was conducted dishonestly and irresponsibly, using bogus data. Nevertheless, this erroneous link is partly responsible for increasing refusals of Measles containing vaccines by parents.

Patient Safety: Initiatives to assure freedom from accidental or preventable injuries produced by medical care. Emphasis is placed on the system of care delivery that prevents errors, learns from the errors that do occur, and is built on a culture of safety that involves health care professionals, organizations, and patients. With the expansion of internet technology in the use of medical devices such as cardiac pacemakers, patient safety is increasingly vulnerable to web-based attacks, which have serious repercussions.

Virtue Ethics: Person rather than action based ethical conduct. It analysis at the virtue or moral character of the person carrying out an action, rather than at ethical duties and rules, or the consequences of particular actions. When morally orthodox and benevolent, virtue ethics is closely aligned to the ethical principle of deontology – fulfilling a virtuous moral duty. Many whistleblowers claim that their decision to expose alleged wrongdoing in their organizations were motivated by the desire to act according to their moral character to prevent harm to innocent others.

Relational Ethics: A contemporary approach to ethics that situates ethical action explicitly in relationship. An important context of such relationships is within organizations, in which employees and employers have roles and responsibilities. Organizational policies and codes of conduct (and in some nations, anti-defamation laws) usually explicitly prohibit employees from discussing or exposing company secrets to the media or third parties without management approval. Thus, external whistleblowers are implicitly violating the relational ethics of such organizations.

Healthcare Fraud: An intentional deception or misrepresentation that the individual or entity makes knowing that the misrepresentation could result in some unauthorized benefit to the individual, or the entity or to some other party Healthcare fraud refers to illegal acts of misrepresentation and false claims in order to receive undue financial or healthcare advantages. Health care fraud accounts for between 2 and 10% of wasted health resources globally. The World Health Organization cites healthcare-related fraud as one of 10 leading causes of inefficiency in health systems. Web-based healthcare fraud is a major challenge, especially when signatories to health organizations’ accounts siphon money into private bank accounts. Regular audits and electronic monitoring systems such as e-claims management services help to monitor and prevent healthcare fraud.

Whistleblowing: Non-obligatory act of disclosing information about unethical or criminal activity in an organization. Internal (intra-organizational) whistleblowing is less damaging to organizational credibility and the careers of whistleblower than external whistleblowing – reporting to the media or anti-corruption or institutional ethics boards. The term whistleblower comes from the whistle a referee uses to indicate an illegal or foul play. Ralph Nader coined the phrase in the early 1970s to reduce stigmatization of individuals who report illegal activity, any of whom were at the time referred to as “rats” and “snitches”. There are no public cases of cybersecurity whistleblowers on record to date, but in countries like the United States where large organizations have minimum mandatory cybersecurity requirements and payments of up to 30% may be received for whistleblowing acts which lead to recovery of assets from the Securities and Exchange Commission, a strong potential exists for such cases to emerge.

Complete Chapter List

Search this Book: