On the final day of the American Health Law Association’s Annual Meeting in New York, officials from the U.S. Department of Justice (DOJ), the Centers for Medicare & Medicaid Services (CMS), and the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) gave their own take on their agencies’ ramped-up enforcement efforts regarding health care fraud in mid-2026.

The July 1 panel—“Straight from the Source: DOJ, OIG, and CMS Fraud and Abuse Prevention and Enforcement Efforts in 2026 and Beyond”—featured Brenna Jenny, deputy assistant attorney general of DOJ; Kimberly Brandt, deputy administrator and chief operating officer at CMS; and Susan E. Gillin, assistant inspector general for legal affairs at HHS. The past 18 months have seen an outpouring of announcements, initiatives, and collaborations from the three agencies, and from these officials, regarding the government’s pursuit of health care fraud.

Discussions included reports that DOJ will continue its use of the federal False Claims Act (FCA) to further its enforcement goals, with a “whole of government” approach involving input, referrals, and data sharing, as well as artificial intelligence (AI) from CMS and OIG. The number of FCA cases brought by qui tam whistleblowers is in record territory—with the government now determined, as of June 4, to expedite qui tam review of cases involving federally funded, state-administered benefits programs.

The government is further determined to prevent fraud in government programs before the payout, adopting a “detect and prevent approach” as opposed to a “pay and chase” model. Reflecting on its work over the past year and defining goals for the years ahead, the government underscored its commitment to using interagency collaboration, as well as collaboration with whistleblowers (including data miners), to ferret out traditional and previously “untapped” areas of fraud. Some of the panel highlights include the following:

Artificial Intelligence

In furtherance of its defined priorities, the government has signaled that it intends to continue employing AI to identify fraud patterns and potential risk. Brandt framed AI as central to CMS’s shift toward more proactive, data-driven program integrity. Rather than relying solely on retrospective enforcement, CMS is using AI and data analytics to identify suspicious patterns earlier, including high-risk provider enrollments, undisclosed affiliations, and relationships that may signal attempts to reenter the program through new entities.

At the same time, the panel made clear that AI use will be scrutinized when providers deploy it in their own compliance functions or in submissions to the government. Gillin noted that OIG’s updated Corporate Integrity Agreement model now asks organizations to identify where they use AI and to verify AI-generated information. Brandt likewise cautioned that generic AI-assisted submissions raise concerns where they appear untethered from the provider’s actual facts, operations, or compliance program. The practical takeaway is that AI-assisted compliance work should be accurate, validated, and tailored to the organization.

DOJ-HHS False Claims Act Working Group

At the one-year anniversary of the revamped DOJ-HHS FCA Working Group—reestablished on July 2, 2025—it is clearer than ever that the federal government, aided by whistleblowers, is relying heavily on the FCA as a tool for health care fraud and abuse enforcement, with HHS continuing to refer potential violations to DOJ. Panelists said the goal of the group is to be proactive and to work with other stakeholders to identify new targets for investigation.

Hospice and Other Areas of Fraud

The federal government used its recent action in addressing hospice fraud in California as an example of its heightened enforcement priorities. Brandt noted that CMS has suspended more than 800 hospices in Los Angeles as part of its May 13, 2026, aggressive nationwide crackdown with six-month hospice and home health agency enrollment moratoria.

Beyond hospice, the government signaled strong interest in pursuing previously “untapped” areas of fraud, in part through interagency collaboration.

FOCUS Initiative and the Rise of the Qui Tam Whistleblower

Jenny discussed DOJ’s new Fraud Oversight Through Careful Use of Statistics (FOCUS) initiative, launched in May, which prioritizes “high quality” data miner actions by FCA whistleblowers. As we previously reported, DOJ has been experiencing a rapid rise in the number of relators bringing qui tam suits, and Jenny said DOJ was on track to set another record this year. More than 45 percent of whistleblower cases are now being filed by data miners.

At the time of the FOCUS initiative’s launch, Jenny said in a press release that DOJ was “interested in hearing from data miners who believe they have developed particularly effective tools for detecting fraud against the government.” To that end, DOJ is inviting data miners to meet with the Civil Fraud Section to “explain what differentiates their approach, how they validate their findings, and why their methodology provides a reliable basis for identifying high-quality, actionable [FCA] matters.”

On July 1, Jenny emphasized the importance of resource allocation in investigating data-miner complaints. While DOJ welcomes those who identify meaningful signals and creatively connect data sets, she stressed that merely identifying statistical outliers is insufficient; the relator must explain why the outlier likely reflects actionable FCA misconduct. DOJ is moving away from a purely “first-in, first-out” approach and toward prioritizing data-miner complaints most likely to be successful. In an effort to increase quality through competition, DOJ will be rolling out a uniform form and meeting with the most “serious” data miners.

Takeaways

Each announcement, innovation, appearance, and statement from government officials has reiterated that fraud across health care remains a top enforcement priority in the current administration. We reiterate that health care and life sciences companies should do the following:

Expand Compliance Audits

Medicare Advantage risk adjustment and diagnosis code practices remain a top enforcement priority, along with drug pricing/marketing arrangements. Yet regulated companies are advised to move beyond traditional billing, coding, and regulatory checks. It is also prudent to evaluate internal operations regarding high-risk contracting representations (including cybersecurity; diversity, equity, and inclusion initiatives; and trade law compliance) to ensure they align with current enforcement standards and requirements.

Prepare for More Relator-Driven Litigation

The increase in cases brought by qui tam whistleblowers, who may receive a share of the government’s FCA recovery, and DOJ’s continued collaboration with relators means that companies should be on their guard for whistleblowers in all aspects of their businesses.

Be Aware of AI

In addition to the focus on data miners (who use AI), the government appears to be increasingly examining AI use by health care entities in the context of potential fraud. In billing and coding, for instance, compliance requires human validation.

If you have questions regarding the issues discussed in this post, please reach out to the authors.  

Epstein Becker Green Staff Attorney Ann W. Parks contributed to the preparation of this post.

Back to Health Law Advisor Blog

Search This Blog

Blog Editors

Authors

Related Services

Topics

Archives

Jump to Page

Subscribe

Sign up to receive an email notification when new Health Law Advisor posts are published:

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.