Significant Changes in Healthcare Enforcement: Navigating Compliance Risks

The healthcare enforcement landscape is poised for significant changes by 2026, driven by increased False Claims Act (FCA) activities and a focus on regulatory compliance requirements around fraud against federal programs. The Department of Justice (DOJ) has established the National Fraud Enforcement Division to bolster its efforts against fraudulent activities impacting government-funded programs. Healthcare providers, hospitals, and related entities should brace for more audits and scrutiny from the DOJ, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG), and the Centers for Medicare and Medicaid Services (CMS).

In fiscal year 2025, the DOJ reported an unprecedented $6.8 billion in FCA settlements and judgments, largely due to whistleblower suits contributing $5.3 billion. Healthcare-related fraud continues to dominate these recoveries. The DOJ emphasizes the importance of voluntary disclosures, cooperation, and remediation, indicating these elements are crucial for effective risk management pertaining to FCA enforcement.

The DOJ’s Fraud Section's 2025 report detailed its Health Care Fraud (HCF) Unit's involvement in cases with $10 billion in alleged losses, recovering $560 million. Notable operations include the $10 billion Operation Gold Rush, involving fraud by Estonian defendants in durable medical equipment, and others by Pakistani nationals. The newly formed Health & Safety Unit initiated key actions against adulterated surgical gowns and fraudulent healthcare facility operations.

Regulatory developments feature the creation of the DOJ’s Division for National Fraud Enforcement, emphasizing centralized efforts in fraud prevention. This move aims for enhanced oversight on healthcare billing and fund utilization. An HHS-OIG report has highlighted rising Medicare Part B expenditures on skin substitute products, suggesting potential fraud risks due to reimbursement structures, urging providers to scrutinize clinical protocols and vendor relations.

The DOJ's enforcement strategies have targeted improper medical directorships violating the Anti-Kickback Statute and Stark Law, focusing on unlawful compensation arrangements. Recent court rulings have curtailed the DOJ's subpoena reach, particularly on gender-affirming care probes, underscoring the need for proper subpoena issuance.

The HHS-OIG has also issued compliance guidance for Medicare Advantage participants, identifying risk areas and strategies. Legislative changes have extended Medicare telehealth flexibilities and Hospital at Home support, affecting compliance considerations for healthcare entities.

Industry advisories warn of risks in customer-driven arrangements that may breach the Anti-Kickback Statute, advising caution for medical device and life sciences companies. Additionally, an HHS-OIG report documents increased genetic testing spending, with new HIPAA rules necessitating updates to privacy practices on substance use records, anticipating stronger future security requirements. Healthcare providers must adapt swiftly to these regulatory and enforcement changes to mitigate compliance risks effectively.