• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

Theft in a medical practice: Why it happens and how to stop it


Protecting against embezzlement comes down to eliminating opportunity. You cannot do much, if anything, to control another person’s motive or rationalization. However, motive and rationalization are the places where you look for a problem.


Robert C. Scroggins, JD, CPA, CHBCProtecting against embezzlement comes down to eliminating opportunity. You cannot do much, if anything, to control another person’s motive or rationalization. However, motive and rationalization are the places where you look for a problem.

If you ask either the Association of Certified Fraud Examiners or the auditing gurus with the American Institute of CPAs, they will tell you that embezzlement, theft, and fraud are most likely to occur when three conditions exist together:

  • Incentive or pressure to steal (motivation).

  • Rationalization of the potential theft.

  • Opportunity or perceived opportunity to steal.

The reasons and circumstances behind motive and rationalization will be different to some extent in every case, but paying attention to the behavior and habits of your staff and taking note of personal financial pressures will help you be cognizant of the potential for a problem.

Also, keep in mind that long-term trusted employees account for just as many occurrences as new hires.

The reasons why embezzlement happens

Both financial pressure and greed share the stage when it comes to motive.

Some of the more common situations involve snowballing personal expenses that become difficult or impossible to resolve, family members who impose significant financial demands (i.e. those demands may not be observed directly in your employee), lifestyle and luxury spending in excess of income, and other financially draining behaviors like gambling. In addition to direct observation of these warning signs, it is also important to pay attention to comments and conversations among your staff since they are likely more aware than you of what is occurring in each other’s lives outside of work.

Rationalization follows motive. “I’m just going to borrow a little money and I’ll pay it back.” Or, “The doctor makes a lot more than I do so I need this money more than she does.” Theft is never justified so rationalization is necessary.

The targets of medical practice theft

Theft of office or clinical supplies or other tangible assets can certainly be a problem, but the most significant occurrences involve a misappropriation of cash, often in small amounts over a long period of time.

Cash can be a target of theft when money is coming into the practice and money is going out.

As our firm works with practices of all specialties throughout the Midwest we are often asked to help identify areas vulnerable to embezzlement. Many times we find that reasonably good attention has been given to either receivables or payables, but appropriate structure is lacking with one of those areas. This can be due to differing degrees of attention by one manager verses another. Or, a particular cash control process has broken down because of staff or systems changes, and a new cash control process was not re-established.

More often than not, with respect to revenue, theft relates to copayments and deductibles and particularly cash receipts.

With payables, a couple examples of common embezzlement schemes include personal charges placed on the practice credit card, fictitious vendors or duplicate payments to the same vendor (with one going into the account of the embezzler) covered up by an alteration of records, and completing transactions online where a “paper trail” is lacking.

Control systems are crucial to preventing theft

In any well-run business maximum success depends on well-designed and followed systems and processes, and this is certainly true when it comes to the prevention of theft.

Think about this too: If you don’t establish good controls to protect against embezzlement, you are doing a disservice to your employees who you’ve asked to handle your money. If there is ever a suspicion of theft and you don’t have good controls in place, it is much easier to jump to an incorrect conclusion that results in distrust and disharmony among your staff.

Remember, well-established systems to protect against embezzlement are good for everyone.

Removing the opportunity for theft

There are two key concepts to consider when constructing a system of good internal controls.

Each process should be designed to involve a separation of duties, and should have a designated control person. Separation means a process that involves two different people in a way that causes them to verify each other’s work as a result of the process itself. A control person is someone removed from the cash handling process and consequently available to be in charge of verification.

For example, one employee would be entirely responsible for the cash drawer, including daily balancing and taking the deposit to the bank. Another employee is the control person who will receive patient encounter forms and receipts but does not have access to the cash drawer and does not take deposits to the bank. If there is a third employee who takes the money to the bank, that means another step is added to make sure the deposit amount is confirmed.

This separation of duties and control person approach should be applied to all activities vulnerable to theft. A full description of all possible controls would consume many pages, and each practice is different in size and organizational structure so good internal controls are not a one-size-fits-all proposition. But, hopefully the examples above convey the most important concepts and provides guidance in establishing systems and processes that will work well for your practice. Your practice management consultant or CPA can be very helpful in evaluating your current processes and assisting with changes to make your internal controls stronger and embezzlement less likely.

No foolproof theft protection plan exists

Even with the very best controls in place, there is no way to absolutely protect or guarantee against embezzlement. (This is even true in banking environments.) But every practice needs to take steps to prepare for theft.

Your employee handbook should make clear that embezzlement is grounds for immediate termination and prosecution. Also, you should carry a bonding policy to insure against it.

We find that some doctors are reluctant or unwilling to prosecute an employee caught stealing. That discomfort subsides a bit when the staff has been forewarned (in the policy) and even more so when the prosecution effort can be turned over and handled by a third-party insurance carrier. 



Robert C. Scroggins, JD, CPA, CHBC, is a management consultant and principal with Clayton L. Scroggins Associates, Inc., in Cincinnati, Ohio. Send your practice management questions to


Subscribe to Medical Economics'weekly newsletter. It's free!

Related Videos
Jennifer N. Lee, MD, FAAFP
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health