The National Audit Office: the Estonian Health Insurance Fund’s control activities fail to systematically prevent or detect the misuse of health insurance funds

Priit Simson | 6/10/2020 | 10:00 AM

Text size: [-A] [+A]

Language: EST | RUS | ENG


TALLINN, 20 June 2020 – The Health Insurance Fund’s (EHIF) control activities fail to systematically prevent or detect the misuse of health insurance funds, NAO stated in its audit report “The Estonian Health Insurance Fund control over the financing of health care services”. In addition, it appeared that in several cases, EHIF had not fined healthcare providers who had been caught in fraud. 

The National Audit Office is of the opinion that in case of fraud, the Health Insurance Fund must impose a larger fine and terminate the contract, to give the healthcare providers a clear message that such behavior is unacceptable. When fraud was detected, contractual penalties were applied only a few times during the audit period and were relatively small. The two largest contractual fines were each EUR 5,000, representing 0.22% and 0.0076% of the turnover of the fined service providers. When detecting a misuse, including a fraud, EHIF has not rushed to punish the institutions, but has limited its actions to reclaiming the money for incorrect treatment invoices. According to EHIF, it is difficult to distinguish fraud cases from errors, and prompt and high contractual penalties jeopardize the continuity and availability of the service, especially in a situation where there are few market participants.

"According to EHIF, they use a flexible approach and fine partners only when absolutely necessary. Unfortunately, we know from previous practice a case where a triple violation did not lead to necessary punishment," commented Auditor General Janar Holm. "Moreover, following the next procurement, EHIF increased the volume of health care service provided by the repeat offender." Previously, EHIF has mentioned that fines or contract termination can in certain circumstances lead to a situations where patients won’t have any access to the treatment.

Holm recognized EHIF for taking a more decisive approach to responding to violations over the past year and a half. "I understand that EHIF is also in a difficult situation where stricter penalties can stop a healthcare service in an area, for example, and there is no provider who would want to take it over," Holm said, referring to wider problems with the healthcare system. "Human errors are understandable, however, deliberate deception cannot in any way become acceptable due to the circumstances."

The National Audit Office finds that the number of more thorough or targeted controls of treatment invoices should be significantly higher than it currently is. All treatment invoices submitted to EHIF are subject to automatic checks to prevent simpler errors and fraud, but the audit showed that only a small proportion of treatment invoices pass a more thorough check - a comparison of treatment invoices and medical records (such as a medical history summary), which is called targeted selection. In 2019, only 0.04% of treatment invoices were checked thoroughly, i.e. under targeted selection, which is less than 4,000 invoices per year, while the total number of invoices in that year was 10.7 million. The National Audit Office finds that with such a small number of invoices passing targeted selection, serious misuses remain undetected.

Comparing treatment invoices and medical records one by one is a labor-intensive activity, which is why EHIF has carried out less targeted selections in recent years than before. At the same time, EHIF has set itself the goal of using data analysis and machine training to better target these controls. The National Audit Office recognizes EHIF for these innovations, but finds that as long as these methods are still being under development, the volume of records to be audited should not decrease. It is also important to move towards the development of automatic comparisons between treatment invoices and medical records in the health information system in order to save labor and to be able to control more treatment invoices.

The National Audit Office finds that it is necessary to create more convenient conditions for patients to assess the correctness of a treatment invoice. Many frauds can only be detected with the help of patients - for example, situations where a more expensive service is billed than actually provided, or the patient has not received the service at all. If the treatment invoice and medical records contain the same information then EHIF has no other means of verifying the correctness of the invoice.

Since 2016, patients have had access to their treatment invoices in the patient portal and they can see the services provided as well as the funds spent. So far, the number of people who have viewed their treatment invoices is rather low: in the first half-year of 2019, an average of approximately 8900 people per month, i.e. 1.9% of the people who received healthcare services in the same period. In order to facilitate access to treatments invoices, EHIF should launch an application that informs the person at a certain regularity (e.g. by SMS or e-mail) when the treatment invoice for their visit is available on the patient portal. At the same time, it should be easy to give feedback to EHIF on the same portal.

In the opinion of the National Audit Office, the exchange of information between the Health Insurance Fund, the Health Board and the State Agency of Medicines was poor during the audited period. In order to plan controls on service providers more effectively, authorities should systematically share observations and monitoring results with each other, but this is not currently the case. The National Audit Office recommends that EHIF introduce a so-called information technology desktop, i.e. a solution where the audit results of all institutions would be displayed in one view. In addition, EHIF should also use data from external registers to set up automatic controls. For example, the validity of an activity license of a healthcare provider is not verified because this specific register is maintained by the Health Board. Therefore, a situation may arise where EHIF pays for treatment invoices submitted by an unlicensed service provider because EHIF is not aware that there is no activity license. During the audit, the National Audit Office also discovered a similar case.

The National Audit Office found that EHIF started clarifying the risks of fraud only after major frauds were discovered in 2017. It started after allegations of fraud were reported in the media. However, a clear progress can be seen. While fraud risks were initially included in risk management documents in general terms, since the end of 2019, fraud risks have been classified by activities and responsibilities.

"Complicated risk assessments or software developments are not always necessary to detect a fraud. Problems often present themselves and simply need to be addressed more thoroughly and systematically," said Auditor General Janar Holm. An analysis of the complaints submitted to EHIF revealed that EHIF had checked all the cases identified in the patients' complaints. The National Audit Office found that in some cases the complaints could refer to a broader problem, but EHIF only controlled the treatment invoices in a specific complaint. For example, the patient reported that on the patient portal it said that the patient with their family had received services ten times between 2014 and 2016, but that they had never actually used those services. EHIF reclaimed the money paid for these ten invoices back from the institution, but did not further control the institution's activities.


In 2019, the Estonian Health Insurance Fund paid 991 million euros for 10.7 million treatment invoices. In addition, the costs of medicines and medical devices totaled nearly 177 million euros.

As a result of control activities, a total of over 400,000 euros was reclaimed from service providers in 2019.

During the audit, the National Audit Office assessed whether the Health Insurance Fund

  • is able to prevent or detect the misuse of health insurance funds;
  • reacts accordingly, in case of suspicion or detection of the misuse of funds, and imposes sanctions where required.


Priit Simson
Head of Communications of the National Audit Office of Estonia
Phone +372 640 0777;
+372 5615 0280
[email protected];
[email protected]

  • Posted: 6/10/2020 10:00 AM
  • Last Update: 6/11/2020 3:46 PM
  • Last Review: 6/11/2020 3:46 PM

When detecting a misuse, including a fraud, EHIF has not rushed to punish the institutions, but has limited its actions to reclaiming the money for incorrect treatment invoices.

Rauno Volmar/ Ekspress Meedia/ Scanpix

Additional Materials


More News