False Claims Act Healthcare: Everything RCM Teams Need To Know

Key Takeaways:

• The FCA is the government’s top healthcare fraud tool, imposing penalties of $14,308–$28,619 per claim plus triple damages for false or reckless billing.

• Common FCA violations include risk adjustment fraud, upcoding, Stark/AKS violations, and failing to refund overpayments within 60 days.

• The 60-Day Rule (2025 update) means providers must return identified overpayments promptly or face reverse false claim liability.

• OIG’s Seven-Element Compliance Framework—combined with audits, AI oversight, and training—is essential to prevent FCA exposure.

• AI-driven RCM tools like CombineHealth’s workforce (Amy, Marc, Taylor, and Penny) ensure documentation accuracy, detect overpayments, and maintain FCA compliance across the entire revenue cycle.

The False Claims Act was born out of war—literally!

During the American Civil War, Congress passed the law to stop contractors from defrauding the Union Army with defective goods and inflated invoices. What began as a wartime safeguard has evolved into one of the most powerful fraud enforcement tools in American law, across many industries, especially healthcare.

Today, the False Claims Act sits at the center of every conversation about healthcare compliance, billing accuracy, and revenue integrity. It now governs hospitals, clinics, and billing companies that work with Medicare and Medicaid.

Let’s unpack the False Claims Act healthcare and understand how it works, what triggers liability, and what compliance looks like when accuracy becomes a business strategy.

What Is the False Claims Act in Healthcare?

The False Claims Act (FCA) is the federal government’s primary legal tool for combating healthcare fraud and protecting taxpayer-funded programs like Medicare and Medicaid.

Under the FCA, any organization that knowingly submits (or causes the submission of) false or inaccurate claims for payment can face severe civil and criminal penalties, including treble damages and per-claim fines up to $28,000.

In fact, the government recovered over $2.9 billion in settlements under the FCA in 2024, of which about $1.67 billion came from healthcare entities.

What Constitutes “False Claim” in Healthcare?

In healthcare, a false claim is any bill or request for payment sent to Medicare, Medicaid, or another federal program that the provider knows is wrong or misleading. It’s enforced by the Department of Justice (DOJ).

A provider can be held liable if they acted with:

• Actual knowledge that the information was false
• Deliberate ignorance of whether it was true or false
• Reckless disregard for the truth

Technically, the False Claims Act does not require proof of intent to defraud. Even unintentional errors or careless billing practices can result in liability if they show reckless disregard or failure to verify claim accuracy.

Some common examples of false claims include:

• Billing for services, procedures, or supplies not actually provided
• Upcoding, i.e., billing for a higher level of service than documentation supports
• Unbundling, i.e, billing separately for procedures that should be grouped under a single code
• Billing for medically unnecessary services or tests
• Submitting claims connected to kickbacks or Stark Law violations
• Failing to return Medicare or Medicaid overpayments within the 60-day statutory window

Also read: Difference between upcoding and downcoding in medical billing

Real-World Cases of The False Claims Act

Here are some real-world cases of physicians and healthcare organizations convicted of FCA in recent times:

Case 1: Upcoding and Unnecessary Testing

In February 2025, a New York physician was convicted of over $24 million in fraudulent Medicare claims for medically unnecessary lab tests. The doctor faced up to 10 years in prison for multiple counts of healthcare fraud.

Case 2: Risk Adjustment Medicare Advantage Fraud

In 2025, a Medicare Advantage organization paid $98 million to settle FCA allegations that it inflated patient risk scores to increase reimbursements. Such cases underscore how the FCA extends to managed care organizations (MCOs) in addition to providers.

What Are the Most Common Types of Healthcare Fraud that Trigger FCA Investigations?

Frauds under the FCA are often the result of clinical documentation gaps, inconsistent coding practices, and systemic oversight issues that accumulate over thousands of claims. 

Here are the most common types of healthcare fraud:

1. Medicare Advantage Fraud

Medicare Advantage (MA) plans continue to be a leading source of FCA recoveries. These cases usually center on risk score inflation, submitting false or unsupported diagnosis codes that make patients appear sicker than they are, increasing reimbursements from CMS.

Common MA risk adjustment schemes include:

• Unsupported diagnosis codes created during chart reviews
• Failure to delete invalid codes after internal audits
• Vendor-led “code mining” without medical justification
• Improper physician attestations on outdated medical records

2. Anti-Kickback Statute (AKS) Violations

The Anti-Kickback Statute prohibits offering or receiving anything of value to induce patient referrals for services reimbursed by federal programs.

High-risk arrangements include:

• Overpaying physicians for consulting or speaking engagements
• Waiving patient copays selectively
• Offering discounts or incentives tied to referral volume
• Providing meals, travel, or entertainment to induce prescriptions

3. Stark Law Violations

The Stark Law (Physician Self-Referral Law) prohibits physicians from referring Medicare or Medicaid patients to entities with which they have a financial relationship unless a specific exception applies.

Violations often occur when hospitals or clinics:

• Compensate physicians based on referral volume
• Provide free or below-market office space or staff
• Fail to meet documentation requirements for exceptions

4. Upcoding and Unbundling

Coding manipulation remains one of the most visible triggers of FCA investigations. While sometimes unintentional, these errors can be construed as reckless disregard if left unchecked.

Common patterns include:

• Upcoding by visit complexity: Billing higher-level E/M codes (Level 4 or 5) when documentation supports only Level 2 or 3 services.
• False diagnoses: Inflating disease severity to justify higher reimbursement.
• Unbundling: Billing services separately when they should be bundled under a single code.
• Modifier misuse: Using modifiers (e.g., Modifier 50 for bilateral procedures) incorrectly to inflate payment.

5. Medically Unnecessary Services

Billing for services not medically necessary or inadequately documented as such is one of the most pervasive issues in FCA cases.

Typical examples include:

• Routine diagnostic tests without clinical justification
• Excessive imaging studies
• Inpatient admissions that could have been outpatient
• Psychotherapy sessions without progress documentation

Penalties for FCA Healthcare Violations

For healthcare organizations, the financial and operational fallout from an FCA violation can be catastrophic—particularly when each individual claim counts as a separate offense. 

As of July 3, 2025, the Civil Monetary Penalty Inflation Adjustment Act has increased FCA penalties once again, ensuring they continue to keep pace with inflation and enforcement aggressiveness.

• Per-Claim Penalties: Each false or fraudulent claim carries a civil penalty ranging from $14,308 to $28,619 per claim.
• Treble Damages: In addition to per-claim fines, organizations must repay up to three times the government’s actual loss. For instance, if an audit uncovers $10 million in false billings, the liability could exceed $30 million, not including interest and legal fees.
• Cumulative Effect: Each claim’s penalty and associated damages are assessed independently, allowing totals to compound rapidly—especially in hospitals or billing companies that process high claim volumes daily.

Criminal Penalties

In cases involving intentional fraud or falsification, the FCA allows for criminal prosecution under related federal statutes, such as 18 U.S.C. § 287 and § 1347. Convictions can include:

• Fines: Up to $250,000 for individuals or $500,000 for organizations per criminal count.
• Imprisonment: Up to 5 years (and in certain aggravated healthcare fraud cases, up to 10 years).
• Restitution and forfeiture of improperly obtained funds.

Additional Consequences

Financial penalties are only the beginning. FCA settlements and judgments often trigger secondary consequences that can reshape an organization’s operational and reputational future.

This includes:

1. Exclusion from Federal Healthcare Programs
2. Corporate Integrity Agreements (CIAs)
3. Reputational and Operational Damage
4. Professional Discipline

How Has the 60-Day Rule Impacted FCA Liability for Healthcare Providers?

Few regulations have reshaped healthcare compliance like the 60-Day Rule. Originally introduced under the Affordable Care Act and strengthened through CMS guidance, it’s now one of the most common catalysts for “reverse False Claims Act” cases.

As of January 1, 2025, CMS’ updated clarification makes the rule even stricter, signaling to healthcare executives, RCM leaders, and compliance officers that delayed repayments can now be treated as active fraud.

The Core Requirement

Any healthcare organization that receives an overpayment from Medicare or Medicaid must report and return the overpayment within 60 days of the date it was identified.

Failure to meet that 60-day deadline automatically converts the overpayment into a false claim, exposing the organization to liability under the False Claims Act (FCA).

When Is an Overpayment “Identified”?

This question is what trips up most organizations.

CMS’ 2025 clarification makes it clear that “identification” doesn’t mean confirmed or quantified. The countdown begins as soon as the provider:

1. Has actual knowledge of the overpayment,
2. Acts in reckless disregard of its existence, or
3. Deliberately ignores evidence of an overpayment

Even if the amount hasn’t been precisely calculated, the 60-day window still starts. CMS explicitly rejected the argument that providers can delay action until internal audits conclude.

Compliance Best Practices RCM Leaders Should Implement to Prevent FCA Violations

The following best practices, grounded in HHS Office of Inspector General (OIG) guidance and 2025 enforcement trends, outline how healthcare organizations can build a defensible compliance program:

1. Establish a Comprehensive Compliance Program

Every healthcare organization should implement the “Seven Elements of an Effective Compliance Program” outlined by the HHS OIG. These serve as the industry’s compliance gold standard:

• Written policies and procedures 
• Compliance leadership and oversight
• Effective communication channels 
• Enforcement and disciplinary guidelines 
• Auditing and monitoring
• Response and corrective action 

2. Regular Training and Education

Compliance starts with awareness. The best technology can’t compensate for poorly trained staff or uninformed providers. Follow these best practices:

• Ongoing staff education
• Coder certification updates
• Provider documentation training
• Fraud awareness refreshers

3. Implement Robust Auditing Systems

Best practices include:

• Regular Internal Audits: Review a statistically significant sample of claims each quarter, prioritizing high-volume or high-risk specialties (e.g., cardiology, orthopedics).
• Prospective Audits: Evaluate claims before submission to catch coding or modifier errors early.
• Retrospective Audits: Analyze paid claims to identify systemic issues, overpayments, or potential 60-Day Rule risks.
• Diagnosis Code Accuracy Reviews: Cross-check ICD-10 codes against supporting documentation for every encounter.
• Risk-Based Auditing: Use data analytics to identify outliers—providers with unusually high billing levels, frequent modifier use, or repeated denials.

4. Encourage Documentation Excellence

In FCA investigations, if it’s not documented, it didn’t happen. Documentation is the first (and strongest) line of defense.

Key principles for documentation excellence:

• Clearly justify medical necessity with corresponding diagnoses.
• Avoid “copy-paste” or “cloning” practices that replicate old notes across encounters.
• Match E/M documentation precisely with billed levels of service.
• Maintain comprehensive patient records, including HPI, assessment, and treatment rationale.
• Record independent interpretation of results where required (e.g., imaging, pathology).

5. Review Physician Compensation and Referral Arrangements

Improper physician payments or referral relationships are a major source of FCA actions tied to the Stark Law and the Anti-Kickback Statute.

Best practices:

• Conduct annual legal and compliance reviews of all physician contracts.
• Ensure compensation aligns with fair market value (FMV) and excludes referral-based incentives.
• Maintain documentation supporting each arrangement’s business purpose.
• Periodically revalidate financial relationships as roles or workloads evolve.

How CombineHealth Helps You Operationalize FCA Compliance

By combining OIG principles with explainable AI oversight, RCM leaders can ensure every claim, payment, and physician contract withstands scrutiny.

CombineHealth’s AI Agents help you build a revenue engine that’s both accurate and defensible against the False Claims Act.

• Amy: Ensures coding accuracy and documentation completeness.
• Marc: Automates claim validation with payer-specific rules.
• Taylor: Monitors compliance KPIs (denials, outlier claims, audit trends).
• Penny: Delivers real-time regulatory guidance from CMS and payer policies.

Together, these agents form a continuous compliance loop—detecting risks early, documenting corrective actions automatically, and turning every RCM workflow into a compliance safeguard.

Schedule a call and discover how you can modernize compliance and revenue integrity, without adding headcount.

FAQs

Is the healthcare False Claims Act effective?

Yes. The False Claims Act is highly effective. It has recovered billions annually from healthcare fraud and deterred future violations through strict penalties and whistleblower incentives.

How to stop healthcare fraud False Claims Act?

Implement strong compliance programs, audit regularly, train staff, and use AI tools to detect billing errors early.

Which federal and state act prohibits false claims in healthcare?

The Federal False Claims Act and state-level Medicaid False Claims Acts prohibit submitting false or fraudulent claims for government healthcare payments.