Healthcare fraud accounted for 83% of the dollars recovered under the False Claims Act last year, and the tools that regulators use to find those cases are changing fast. AI-powered documentation, expanded telehealth, and outlier data analysis are creating new compliance risks for providers, according to Sean Weiss, a partner at DoctorsManagement and a member of the National Committee on Vital and Health Statistics.
Weiss, who advises healthcare organizations on enforcement and compliance, said the next five years will bring a sharp increase in recoveries as government investigators deploy more sophisticated technology. "The intelligence that exists right now in program integrity, there's no getting away with anything," he said.
AI documentation and the 'audit bait' problem
Ambient scribes and AI-generated notes are spreading rapidly, but Weiss warns that many of the resulting records become "audit bait." The core issue is cloning-pulling identical language from one encounter to the next-and what he calls "clinical plagiarism." When auditors pull 20 consecutive dates of service and see identical text, the pattern becomes an easy case.
Providers are now generating notes that run 15 pages of irrelevant problem lists and hallucinated citations, Weiss said. "The words are all hyphenated. The doctors don't speak that way. If you click on the links that are in there for references or citations, the citations aren't accurate." He said the tools should be treated as augmented intelligence, not a replacement for clinical judgment. AI tools require human oversight at every stage to ensure integrity and minimize bias.
State-level enforcement is already targeting AI companies that overpromise. In September 2024, an attorney general reached a settlement with an AI firm under a state deceptive marketing practices act after health systems alleged the product's claims about generating meaningful progress notes were deceptive. The case, Weiss said, shows that "you had to find a way to make physicians and APPs understand that what you are creating is an efficiency tool. It requires human intervention from the front end, middle, the back end to ensure the integrity of what's being produced."
For providers and compliance teams, the growing use of AI for Healthcare means that documentation must still stand on its own. Weiss said the rule is simple: "Show me your work. You don't have to count the beans and the bullets in the elements like you did in the history exam anymore, but you got to give me a medical appropriate history and examination and then give me a powerful conclusion."
Telehealth beyond the telefraud headlines
While high-profile fraud schemes have grabbed attention, Weiss said legitimate providers need to focus on the basics. Telehealth is not a substitute for in-person visits when those are feasible. The service is meant for patients with mobility issues, transportation barriers, or those in rural areas who cannot easily reach a provider.
Weiss outlined several non-negotiable steps: document the patient's consent for a telehealth visit, note the originating site of service, and ensure the service is appropriate for a remote encounter. "These visits are really for individuals who have mobility issues, who are located beyond a reasonable drive to be able to get to a physician and a medical group or a hospital," he said. "It's not meant as a shortcut to cut out that patient, you know, face to face visit."
He also pointed to the risk of relying on telehealth for critically ill patients, recounting a case where a hospitalized patient was never seen in person and was pronounced dead via video. For compliance, the guiding principle is that the use of telehealth should make the patient's care better, not just more convenient for the provider.
Modifier 25: the target that data makes easy to spot
When the Department of Justice uses outlier data to identify potential fraud, modifier 25 is a frequent starting point. The modifier indicates a significantly separately identifiable evaluation and management service provided on the same day as a procedure. Because it triggers an extra payment on top of the procedure's reimbursement, its overuse is both lucrative and easy to detect.
Weiss said the modifier is defensible when the documentation shows that the E&M service addressed a problem unrelated to the procedure and required work above and beyond the usual pre-service workup. "You don't always have to have different diagnoses, but you should. It's helpful," he said. The key is a clear, unadulterated account of what happened during the encounter. Providers who attach the modifier to nearly every procedure create a pattern that auditors will flag. "There's no possible way 100%, or even 95% of all of your patient population is going to require significantly separately identifiable E&M service," he said.
To build a defensible record, Weiss recommends providers write a clinical summary that distills the visit into a concise, clear rationale for the treatment plan. The note should answer why the clinical judgment led to that specific care, not just list data points.
Enforcement trends and the $100 billion forecast
Weiss estimates that the government currently recovers about $5.7 billion in healthcare fraud each year, but believes the administration is targeting a much larger figure. "They believe there's $100 billion of fraud existing out there," he said. "Within five years, I think what this administration has put in motion … I think they're going to hit that $100 billion in recovery."
The DOJ's expanded use of data analytics and AI-working with more than 750 partner companies-is making outlier detection faster and more precise. That means providers who deviate from normal coding patterns will face scrutiny sooner. Weiss said the new evaluation of corporate compliance programs, released in recent months, also signals a more aggressive posture from prosecutors.
"I tip my hat to the career prosecutors, the career investigators at OIG, program integrity," he said. "These are good men and women. They're hard workers, they're dedicated to their craft. And to match them, you have to be on your game."
Why this matters for healthcare professionals
The convergence of AI tools, telehealth expansion, and advanced data analytics means that every note, every modifier, and every pattern a provider creates will be measurable. Compliance programs that rely on generic audits or one-size-fits-all checklists will not keep pace. Providers need to ensure their documentation is original, specific, and medically necessary-and that their use of modifiers matches the clinical reality, not a billing shortcut. The margin for error is shrinking, and the cost of getting it wrong is growing.
Your membership also unlocks:
