Understanding Upcoding in Medical Billing: The Complete Guide

Key Takeaways:

• Upcoding means billing for a higher-level service than what was actually performed.

• Common forms of upcoding include overstating visit complexity, adding false diagnoses, or misusing modifiers.

• Upcoding violates the False Claims Act, with penalties reaching $28,000 per claim, repayment demands, and potential exclusion from Medicare/Medicaid.

• Payers now use AI and data analytics to detect coding anomalies; internal audits are key to staying compliant.

If your revenue cycle team has ever flagged “coding inconsistencies” or “documentation not supporting the level of service billed,” you’ve likely faced one of healthcare’s costliest compliance traps: upcoding.

It may seem like a small discrepancy (one code level higher, one modifier misplaced), but across hundreds or thousands of encounters, those errors can translate into millions in overpayments, denials, and audit risks.

This guide unpacks everything you need to know about upcoding in medical billing—from what upcoding looks like in practice, to how it’s detected, to what your organization can do to prevent it. 

What Is Upcoding in Medical Billing?

At its core, the upcoding medical definition is simple: it’s when a healthcare provider bills for a service that’s more complex or expensive than what was actually performed. In other words, it’s telling the payer a story that’s slightly more dramatic than the truth, deliberately or unintentionally.

It directly violates the False Claims Act, which prohibits submitting false or misleading information to federal healthcare programs like Medicare and Medicaid.

Types and Examples of Upcoding in Healthcare 

Let’s break down the major types of upcoding and showcase examples for each scenario:

1. Upcoding by Showing Higher Complexity Visit

A provider bills for a more complex or comprehensive office visit than the actual service delivered—often a higher-level Evaluation & Management (E/M) code.

Example:

A patient presents for a minor rash, requiring a basic follow-up (Level 2 or 3 E/M code: 99212/99213). However, the provider submits a claim for a comprehensive evaluation (Level 4 or 5: 99214/99215).

2. Upcoding by Showing a Fake Diagnosis

Providers inflate the diagnosis's severity to justify higher billing or add unwarranted diagnoses for reimbursement purposes.

Example:

A patient visits for acute mild back pain, but the provider diagnoses chronic or severe back pain with prescriptions for opioids and orders unnecessary imaging (like CT scans).

3. Upcoding by Unbundling Services

Upcoding and unbundling are considered to be the same, but in reality unbundling is a subset of the many ways upcoding can be performed. In unbundling, services normally billed together as a single package are split ("unbundled") and billed as separate claims, generating higher overall reimbursement.

While not strict upcoding, it carries the same intent and is considered Medicare fraud.

Example:

A blood panel that should be billed under a bundled CPT code is instead billed as separate claims for each individual test performed (e.g., billing for sodium, potassium, and glucose separately). Sometimes, the provider even spreads the dates of service to avoid automation detection.

4. Upcoding by Misrepresenting the Provider

This occurs when claims are submitted indicating a physician or higher-paid provider performed a service that was actually rendered by lower-cost staff, such as a nurse or physician assistant.

Example:

A medical assistant provides routine blood pressure monitoring and patient education, but the billing claim lists the service as performed by the physician.

5. Upcoding by Improper Use of Modifiers

Using billing modifiers incorrectly to increase payments or bypass payer edits.

Example:

A provider bills Modifier 50, indicating a procedure was done bilaterally (on both sides), but the service was done only on one side, doubling the reimbursement unjustifiably.

Upcoding and Downcoding: What’s the Difference?

Upcoding and downcoding represent two sides of the same compliance coin. While their motivations and outcomes differ, the end result is the same: financial risk and potential compliance exposure.

So, what is the difference between upcoding and downcoding? If upcoding inflates what was done, downcoding understates it. 

Downcoding, or undercoding, happens when a provider bills for a service at a lower level than what was actually performed or documented. It often stems from incomplete clinical documentation, uncertainty about payer rules, or conservative coding practices meant to “stay safe.”

While upcoding can result in overpayments and fraud allegations, downcoding quietly erodes revenue, leading to chronic underpayment and misrepresented patient complexity. Over time, both can skew performance metrics, affect quality reporting, and trigger audits—one for overbilling, the other for inconsistency.

Why Is Upcoding Illegal and What Are Its Consequences?

To payers, upcoding signals inflated costs. To regulators, it signals fraud!

But for RCM leaders and CFOs, the cost of upcoding extends far beyond fines, even when not intentional. Instead, upcoding can result in:

• Audit exposure: Once flagged, payers often review years of past claims.
• Revenue loss: Recoupment demands and delayed reimbursements can severely affect cash flow.
• Compliance monitoring: Organizations under Corporate Integrity Agreements must fund external compliance audits for years.
• Reputational damage: Even allegations of fraud can erode trust with payers and patients alike.

Under the FCA, each false claim can carry penalties of up to $28,619, alongside potential exclusion from government programs. For example, Mount Sinai Health System faced years of increased scrutiny after an OIG audit found E/M coding inconsistencies—resulting in compliance overhauls costing millions.

Some other examples of real-world upcoding fraud cases include:

1. In 2024, the University of Colorado Health paid $23 million after auditors found automated systems were classifying emergency department visits at the highest severity code (99285) without adequate supporting documentation.
2. Prime Healthcare Services and its CEO were fined $65 million for submitting false claims through improper patient admissions and coding higher-severity diagnoses.
3. In several cases reviewed by CMS, anesthesia providers were found to be coding patients as higher ASA risk status than justified, resulting in inflated anesthesia billing rates.

How Is Upcoding Being Monitored by Payers

If you’ve ever wondered how payers seem to know when your team slips up on a code, just know that they’re watching more closely than ever—thanks to advanced analytics and AI.

A 2024 study published in the Journal of Financial Analytics in Healthcare found that AI-driven fraud detection improved Medicare’s ability to identify improper billing by 38%, enabling the OIG to recover over $1.4 billion in Medicaid Fraud Control Unit cases.

Medicare and Medicaid Are Using Data-Driven Surveillance

The Centers for Medicare & Medicaid Services (CMS) runs a program called Comprehensive Error Rate Testing (CERT)—a nationwide audit that samples around 50,000 claims annually to estimate improper payment rates. While originally designed to catch human error, it has evolved into a data-driven compliance net.

Each provider’s billing patterns are compared against those of similar peers within their specialty and region. If your clinicians consistently code 99215 visits at a rate twice that of the national average, or your hospital bills unusually high DRG severity levels for short inpatient stays, the system flags you for review.

Private Payers Are Using Predictive Analytics and AI

Private insurers now deploy their own predictive models trained on years of claims data to identify anomalies in:

• E/M level distribution (e.g., excessive level 4 or 5 visits)
• Procedure frequency mismatched to diagnosis codes
• Modifier overuse (especially modifiers 25 and 59)
• Abrupt spikes in high-cost services or imaging

Once a pattern is detected, payers can demand repayment, freeze claims, or trigger a targeted probe and educate (TPE) review—effectively putting your organization on the audit radar.

What Triggers Payer Suspicion About Upcoding Fraud?

Payers look for predictable warning signs, often summarized by auditors as the “Four F’s” of fraud risk:

1. Frequency: Coding the same high-level service too often
2. Financial anomaly: Sudden spikes in average reimbursement per claim
3. Form inconsistency: Documentation not supporting the billed code
4. Follow-up evasion: Failure to respond quickly to medical record requests

When these patterns overlap, the claim batch is flagged for deeper review or prepayment audits.

Can You Accidentally Upcode?

Upcoding doesn’t always come from bad actors; sometimes, broken workflows can be the real culprit. 

We’re talking about incomplete/incorrect clinical documentation, inconsistent coding standards, and high claim volumes that make errors easy to miss. Combine that with frequent payer rule changes and mounting coder workload, and you’d be surprised how unintentional upcoding sneaks into even well-run RCM departments.

The causes of unintentional upcoding can vary across organizations:

• Ambiguous clinical documentation: Physicians may unintentionally record insufficient details to justify the coded level of service.
• Manual coding pressure: Coders under time or volume pressure might default to higher-level codes to avoid underpayment.
• Complex payer guidelines: Each payer’s coding interpretation can differ, creating inconsistency.
• Automation misuse: Poorly configured billing software or AI tools can systematically overcode if not properly validated.

How Can You Avoid Accidentally Upcoding in Medical Billing

Ironically, the most effective way to stay off payer radar and avoid accidental upcoding is to run your own radar.

This means internal audits should be your first line of defense, which includes visibility over billing patterns, employing AI-powered RCM software to continuously monitor claims data.

In the past, this was a manual process: compliance teams sampling a handful of charts each quarter, hoping to catch anomalies. But as payer analytics have evolved, so must your compliance strategy.

This is where tools like Amy, CombineHealth’s AI medical coding agent, make a quiet but measurable difference. Here’s how she works within your workflow:

1. Amy reads and interprets provider documentation with 99.2% coding accuracy
2. She selects the most appropriate CPT and ICD-10 codes for each encounter.
3. She then maps every assigned code to its supporting clinical note and line-by-line rationale.
4. If Amy detects anomalies, such as unusually high-level E/M codes or documentation that doesn’t support the billed complexity, she flags them for human review before submission.

Keep in mind that Amy doesn’t replace your auditors, but complements them by taking on repetitive, detail-heavy tasks, so that auditors can focus on what truly requires judgment: intent, compliance nuance, and risk interpretation.

Strengthen Your Coding Compliance and Audit Readiness With AI

Inaccurate coding not only costs revenue but also risks compliance, credibility, and payer trust.

As audits become more data-driven, the only sustainable defense is transparency and precision in every claim. CombineHealth’s AI workforce brings that discipline to life. 

With Amy ensuring 99.2% coding accuracy and full explainability, and Taylor monitoring risk patterns in real time, your RCM team stays proactive, compliant, and confident.

Book a demo with CombineHealth!

FAQs

How do you define upcoding in medical billing?

Upcoding is the practice of billing for a higher-level service or more complex procedure than what was actually provided or documented, resulting in inflated reimbursement and potential compliance violations.

What is the penalty for upcoding?

Penalties include repayment demands, civil fines of about $28,000 per claim, treble damages under the False Claims Act, exclusion from Medicare or Medicaid, and in severe cases, criminal prosecution.

What is the opposite of upcoding in healthcare?

The opposite is downcoding—billing for a lower-level service than what was performed or documented, often resulting in underpayment and lost revenue.

What is an example of upcoding in medical billing?

Billing a high-complexity E/M visit (CPT 99215) when documentation supports only a moderate-complexity visit (CPT 99213) is a common example of upcoding in medical billing.

Why should you avoid upcoding?

Upcoding exposes providers to audits, legal penalties, and reputational damage. Maintaining accurate, transparent coding ensures compliance, payer trust, and sustainable reimbursement integrity.