Medical fraud is any deliberate deception within the healthcare system intended to produce financial or personal gain. It costs the U.S. an estimated $68 billion to $220 billion every year, depending on whose numbers you use. The National Health Care Anti-Fraud Association puts the conservative figure at 3% of all healthcare spending, while government and law enforcement agencies estimate losses as high as 10%. In fiscal year 2025 alone, the Department of Justice recovered over $5.7 billion in healthcare-related settlements and judgments under the False Claims Act.
How Medical Fraud Differs From Waste and Abuse
Fraud, waste, and abuse are related but legally distinct. Fraud requires intent: someone knowingly deceives the system for money or other gain through false statements, misrepresentation, or concealment of information. Waste is careless or inefficient use of resources, like ordering unnecessary tests out of habit rather than malice. Abuse falls in between: it’s the improper use of healthcare resources in ways that violate rules but may not involve deliberate scheming. The distinction matters because fraud carries criminal penalties, while waste and abuse are typically handled through administrative corrections and civil fines.
Common Schemes by Providers
The most widespread form of provider fraud is billing manipulation. Several specific tactics show up repeatedly in enforcement actions.
Upcoding happens when a provider submits billing codes for a more severe diagnosis or a more complex procedure than what actually occurred. A psychiatrist might bill insurance for 30- to 60-minute sessions that actually lasted 15 minutes. A hospital might code a routine office visit as a comprehensive evaluation to collect a higher payment. In one of the largest cases, Tenet Healthcare Corporation was caught assigning inflated diagnosis codes to Medicare and Medicaid patients, resulting in $900 million in fraudulent charges.
Unbundling is the practice of billing separately for services that should be billed together at a lower combined rate. Duke University settled for $1 million in 2014 over unbundled cardiac and anesthesia services that had been performed as a single procedure.
Phantom billing is the simplest and most brazen form: submitting claims for services that were never provided to any patient. This can involve fabricating entire patient encounters or inflating the number of procedures performed during a real visit.
Upcoding is driven partly by compensation structures that pay clinicians based on the volume and complexity of services they bill. When pay is tied directly to billing codes, there’s a built-in incentive to code aggressively.
How Patients Commit Healthcare Fraud
Fraud isn’t limited to providers. Patients and organized groups engage in prescription drug diversion, which means obtaining medications through legitimate channels and reselling them. Techniques include presenting forged documents at multiple pharmacies, using someone else’s prescription drug benefit card, or filling prescriptions for conditions you do have but handing the medication off to someone else for resale.
The financial incentive is enormous. A 100-count bottle of OxyContin 80 mg has carried a street value around $8,000, or $80 per tablet. A 500-count bottle of Vicodin has been valued at roughly $2,500. Organized groups target these high-value medications systematically, collecting as many prescriptions as possible for resale on the gray market or the street.
Telehealth Fraud Is Growing Fast
The expansion of telehealth has created new opportunities for fraud. The HHS Office of Inspector General has flagged a recurring pattern: telemarketers cold-call Medicare beneficiaries to collect their health insurance numbers and personal information. A purported telehealth company then pays a medical provider to review records and sign off on orders for durable medical equipment, genetic testing kits, or prescription medications. The provider typically never speaks with or examines the patient. A separate company buys that complete paperwork package and submits claims to Medicare or Medicaid for medically unnecessary items.
If you’ve ever received unsolicited back braces, genetic testing kits, or prescription creams in the mail that you didn’t order through your own doctor, you may have been pulled into one of these schemes. The OIG advises refusing any delivery of medical equipment or testing kits unless you’ve confirmed the order with your established provider.
The Laws That Make It a Crime
Three federal laws form the backbone of healthcare fraud enforcement in the U.S.
The False Claims Act is the primary tool. Filing false claims can result in fines of up to three times the government’s losses plus $11,000 per individual claim submitted. Because each billed item or service counts as a separate claim, penalties escalate quickly. There is also a criminal version of the statute that carries prison time. Physicians have gone to prison for submitting false healthcare claims.
The Anti-Kickback Statute prohibits offering, paying, soliciting, or receiving anything of value to induce referrals or generate business paid for by federal healthcare programs. This applies broadly to anyone in the healthcare chain.
The Stark Law is narrower. It specifically prohibits physicians from referring Medicare patients for certain services to entities where the physician or an immediate family member has a financial relationship, unless a recognized exception applies. The entity receiving the referral is also barred from billing Medicare for those services.
How Fraud Directly Harms Patients
Medical fraud isn’t just a financial crime. It can put your health at risk in ways that are difficult to undo. When someone uses your identity to receive medical care, their health information can end up permanently embedded in your medical record. This means your file might list blood types, allergies, medications, or diagnoses that don’t belong to you. A provider relying on that contaminated record could prescribe a medication you’re allergic to or skip a test you actually need.
With electronic health records, inaccurate information spreads quickly across networks and can be shared with life insurers and other third parties. In most cases, victims cannot directly access their records to correct the errors, and it is nearly impossible to stop healthcare providers, clearinghouses, or insurers from continuing to share the false information. The patient most affected by medical identity theft is often the last to find out.
How to Report Suspected Fraud
The HHS Office of Inspector General operates a hotline that accepts tips from anyone about potential fraud, waste, abuse, or mismanagement in federal healthcare programs. You can submit a complaint through the OIG’s online portal at oig.hhs.gov. The complaint process is separate from the OIG’s general inquiry form, so look specifically for the “Submit a Complaint” option. You don’t need to have proof, just a reasonable basis for suspicion. Useful details include provider names, dates of service, descriptions of what you observed, and any documentation like billing statements or explanation-of-benefits forms that don’t match the care you received.
Reviewing your own medical bills and insurance statements is one of the simplest ways to catch fraud early. If you see charges for services you never received, visits on dates you weren’t seen, or equipment you never ordered, those are signals worth reporting.