The National Health Insurance Service (NHIS) of the Republic of Korea operates a machine learning-based fraud detection and prediction system designed to identify irregularities and forecast potential misuse in healthcare provider billing across the country's universal health insurance programme. South Korea's National Health Insurance system covers virtually all residents, with healthcare services delivered predominantly by private-sector providers who submit claims to NHIS for reimbursement. The fraud detection system targets healthcare facilities that are not established in accordance with current regulations, for example those operated by unqualified persons seeking to maximise profit through fraudulent insurance claims, with a particular focus on long-term care benefits and health insurance eligibility fraud.
NHIS began applying artificial intelligence to fraud detection from 2020, building upon earlier rule-based detection approaches. The system operates as a hybrid detection architecture that combines traditional rule-based screening with AI predictive models to identify information with a high probability of fraud. The machine learning component employs a range of supervised learning techniques, including deep learning, random forest, gradient boosting, logistic regression, and support vector machine (SVM) algorithms. These models are trained on NHIS healthcare big data, which includes socio-demographic variables, disease and treatment history records, and provider billing patterns. The system generates ranked alerts for investigator review, flagging cases with the highest probability of fraudulent activity for priority examination by human investigators.
The transition from experiential, manual screening approaches to data-driven management represented a significant operational shift for NHIS. Previously, fraud detection relied heavily on the experience and intuition of individual investigators reviewing claims data. The machine learning system enables proactive data analysis to identify and manage fraudulent activities systematically rather than reactively. The system processes administrative health insurance claims, provider billing records, and beneficiary identifiers, with beneficiary data pseudonymised in accordance with the Personal Information Protection Act (PIPA). PIPA, one of the strictest data protection frameworks globally, classifies health data as sensitive information under Article 23 and imposes stringent requirements on data controllers, including mandatory designation of a Chief Privacy Officer, data protection impact assessments, and penalties for non-compliance including corrective orders, penalty surcharges, and potential criminal prosecution.
In terms of documented outcomes, the fraud detection system has demonstrated substantial results. Between 2014 and 2021, NHIS detected 567,820 cases of fraud, equivalent to approximately 174 million United States dollars in claim value. In 2023, NHIS enhanced its fraud detection system to combat evolving forms of fraud, uncovering 18.534 billion Korean won (approximately 14 million USD) in unjust enrichment through the machine learning-based detection and prediction system. These results reflect a significant curbing of financial leakage in long-term care financing and healthcare claims processing.
The human oversight model follows a human-in-the-loop paradigm. Investigators manually review and adjudicate all cases flagged by the system before any enforcement action or sanction is imposed. The AI system outputs inform compliance investigations but do not autonomously impose sanctions or alter entitlements. This approach ensures that algorithmic outputs serve as decision support tools rather than automated decision-makers, reflecting the high-criticality nature of the decisions involved, which can affect healthcare provider licensing, financial penalties, and access to the national health insurance system.
The system operates within a governance framework defined by several key pieces of legislation. The Personal Information Protection Act (PIPA) governs the processing of personal and sensitive health data, requiring pseudonymisation for analytical purposes and imposing strict data handling obligations. The Digital Government Act and the National Data Innovation Strategy provide the broader policy framework for data-driven governance and digital transformation across Korean government agencies, including NHIS. NHIS is also subject to internal audit controls and Ministry of Health and Welfare data-ethics oversight.
The technical infrastructure is reported to operate on NHIS on-premise systems within national government cloud architecture, with data maintained under domestic jurisdiction. No public disclosure has been made of specific third-party vendors or commercial software partners involved in developing or maintaining the machine learning models, and the technical architecture of the AI pipeline has not been publicly documented in detail. The International Social Security Association (ISSA) has recognised the NHIS fraud detection system as a good practice example for data-driven innovation in social security across the Asia and Pacific region, documenting the system in multiple publications and good practice awards.