Honeybadger Solutions LLC

Healthcare Fraud Investigation Services

Healthcare fraud investigation services detect, document, and prove financial fraud, waste, and abuse in medical billing and claims — upcoding, phantom services, kickbacks, and telehealth or genetic-testing schemes. Honeybadger Solutions runs these as in-house financial investigations, remote and nationwide, for payers, providers, and whistleblower counsel, combining claims-data analytics, medical-record review, beneficiary interviews, and financial tracing into evidence that withstands civil, criminal, and administrative scrutiny.

Healthcare financial fraud is not a records problem and it is not a coding dispute — it is a deception problem hidden inside data that is engineered to look clean. The dollars move through legitimate rails: a claim is submitted, adjudicated, and paid exactly as the system expects. What makes an investigation hard is that the fraud lives in the gap between what was billed and what was medically done, and that gap is invisible to anyone who only reads the claim. This guide covers how that gap is found, proven, and translated into recovery — and how the work differs depending on whether you sit on the payer, provider, or whistleblower side of the case.

What is healthcare financial fraud, waste, and abuse?

Payers and regulators group the problem as “FWA” — fraud, waste, and abuse — but the three are legally distinct, and the distinction drives both the standard of proof and the remedy. Fraud is intentional deception to obtain an unauthorized benefit: knowingly billing for services never rendered, or misrepresenting what was done. Abuse describes practices inconsistent with accepted medical or business norms that produce unnecessary cost — billing patterns that are improper but fall short of provable intent. Waste is overutilization or inefficiency without wrongful intent. The investigative burden climbs steeply from waste to fraud, because fraud requires proving a person’s state of mind — knowledge and intent — not merely an erroneous claim.

The scale is why this matters. The National Health Care Anti-Fraud Association has long estimated that health care fraud costs the United States tens of billions of dollars every year, and the government’s enforcement arms — the HHS Office of Inspector General and the Department of Justice — recover billions annually through settlements and judgments. For a payer, undetected fraud is direct leakage from medical loss. For a provider, a single unproven allegation can trigger prepayment review, exclusion from federal programs, and treble-damages exposure. The stakes are asymmetric, and they reward disciplined investigation over reactive panic.

What are the most common healthcare billing fraud schemes?

Investigators organize schemes by mechanism, because each one leaves a distinct signature in claims data and demands a different confirmation method. Recognizing the pattern in the data is only the trigger; the fraud is proven off the claim, in the medical record, the money trail, and the patient’s own account of what happened.

Scheme typeHow it looks in the dataInvestigative methodExposure / remedy
UpcodingConsistent use of the highest-level E&M or severity codes; provider is a statistical outlier versus specialty peersMedical-record review against coding criteria; peer-benchmark analysisFCA liability, overpayment recoupment, coding re-education or exclusion
UnbundlingComponent procedures billed separately when a bundled code exists; NCCI edit bypass modifiers overusedCode-pair analysis; modifier-usage review; documentation auditOverpayment recovery, civil penalties per claim
Phantom / no-service billingClaims for patients not seen, dead beneficiaries, or impossible service volumes per dayBeneficiary interviews; appointment and access-log reconciliation; timeline analysisCriminal fraud, FCA treble damages, program exclusion
Medically unnecessary servicesDiagnosis codes that do not support the procedure; blanket ordering regardless of presentationIndependent clinical review; medical-necessity documentation auditRecoupment, FCA liability, licensure referral
Kickbacks (AKS)Referral volume tightly correlated with payments, “rent,” or service fees to referral sourcesFinancial tracing; contract and ledger review; relationship mappingAnti-Kickback Statute criminal liability; FCA per tainted claim
Self-referral (Stark)Physicians referring designated health services to entities they or family ownOwnership and entity mapping; referral-pattern analysisStrict-liability overpayment, FCA exposure
Pharmacy & DME fraudAuto-refills never picked up, brand/generic swaps, DME shipped without a valid orderDispensing-record and shipping audit; prescriber and beneficiary confirmationRecoupment, criminal charges, exclusion
Telehealth / genetic-testing fraudHigh-volume orders from a single tele-prescriber; tests with no treating-provider linkOSINT on marketing entities; order-origin tracing; consent-form reviewFCA and criminal fraud, marketing-scheme takedown
Credentialing / enrollment fraudFalsified licenses, borrowed NPIs, billing under a provider who did not perform the workCredential verification; identity and license-history checksEnrollment revocation, criminal fraud

The recurring lesson is that a data outlier is a lead, not a conclusion. A physician who bills level-5 visits far above peers may be a fraud — or may run a genuinely complex referral panel. The investigation exists precisely to close that gap, and closing it well is what separates a defensible case from a reckless accusation.

What laws govern healthcare fraud investigations?

Four statutes define the terrain, and any competent investigator builds evidence with the elements of these laws in mind from day one.

The False Claims Act (FCA) is the government’s primary civil weapon. It imposes liability — including treble damages and per-claim penalties — on anyone who knowingly submits, or causes the submission of, a false claim to a federal program such as Medicare or Medicaid. “Knowingly” reaches actual knowledge, deliberate ignorance, and reckless disregard, which is why documentation of what a provider knew and when matters as much as the false claim itself.

The FCA’s qui tam provision lets a private party — the relator, usually an insider whistleblower — sue on the government’s behalf and share in the recovery. Qui tam cases are filed under seal, giving the government time to investigate and decide whether to intervene. The quality of the relator’s evidence at filing heavily influences intervention, which is why whistleblower counsel invest in investigation before the complaint is drafted.

The Anti-Kickback Statute (AKS) is a criminal law prohibiting knowing and willful remuneration to induce referrals of items or services payable by a federal health program. A claim tainted by a kickback is also a false claim, linking AKS to FCA. The Stark Law (physician self-referral) is narrower but stricter: it is essentially strict-liability for referring designated health services to entities in which the physician or an immediate family member has a financial interest, unless a specific exception is met. Stark needs no proof of intent, which makes ownership and entity mapping decisive evidence.

How do investigators build a healthcare fraud case?

An allegation recovers nothing; a proven, quantified case does. Our financial investigations practice runs a disciplined sequence designed to move from a statistical suspicion to admissible, defensible proof:

  1. Frame the theory and the standard. Decide early whether the case is civil (FCA), criminal, or administrative, and which statute’s elements must be satisfied — that choice governs what evidence is worth collecting.
  2. Run claims-data analytics. Profile the target against specialty peers to surface outliers: coding distributions, impossible service days, referral concentrations, and time-series spikes that signal a scheme turning on or scaling up.
  3. Pull and review the medical records. The claim asserts; the record proves. Independent clinical review tests whether documentation actually supports the code billed and the medical necessity claimed.
  4. Interview beneficiaries and patients. Structured, non-leading interviews confirm whether services were rendered, and they are often the single most powerful evidence in phantom-billing and unnecessary-service cases.
  5. Trace the money. Follow payments, contracts, leases, and marketing fees to expose kickbacks and self-referral, and to identify the beneficial owners and shell entities receiving diverted proceeds.
  6. Corroborate with OSINT and, where lawful, undercover work. Public records, corporate filings, marketing sites, and discreet inquiry establish the commercial reality behind telehealth and genetic-testing schemes.
  7. Preserve a defensible chain of custody. Every record, dataset, and device is handled so the analysis survives cross-examination and administrative appeal.
  8. Quantify the provable loss. Separate what is documented from what is merely suspected, because regulators, courts, and insurers act on defensible figures, not estimates.

Where the scheme has a digital dimension — altered records, spoliation, or communications that reveal intent — the financial work is paired with digital forensics to recover and authenticate the electronic evidence, and with background checks and intelligence to verify credentials, map ownership, and identify undisclosed relationships behind the claims.

How does a qui tam whistleblower case get built?

Whistleblower matters demand a different discipline: the relator must present specific, credible evidence without unlawfully removing protected records or violating patient-privacy obligations. A readiness workflow protects both the case and the client:

  1. Assess the account. Establish what the relator personally observed versus what they infer, and identify the scheme, the timeframe, and the federal programs implicated.
  2. Confirm originality. The strongest qui tam claims rest on non-public, first-hand knowledge — public-disclosure and first-to-file rules can bar a case, so this is tested before anything is filed.
  3. Reconstruct evidence lawfully. Corroborate the account through claims analytics, public records, and permissible documentation, avoiding any collection that breaches privacy law or employment obligations.
  4. Quantify the pattern. Model the scale and duration so counsel and the government can gauge materiality and likely intervention.
  5. Package for counsel. Deliver an organized evidentiary file that supports the disclosure statement filed with the complaint under seal.

How do investigations differ for payers, providers, and whistleblowers?

The same schemes look different depending on where you stand, and a serious firm adapts its methods to the client’s posture and obligations.

For payers and Special Investigations Units (SIUs), the mission is scale and prevention: mine claims data across a book of business, prioritize the highest-exposure providers, and build recoupment or referral packages. The pitfall is volume-driven overreach — treating every outlier as fraud invites bad-faith and provider-abrasion exposure. The best SIU support is precise, prioritizes cases the evidence can actually carry, and hands off criminal matters cleanly to the OIG or DOJ.

For providers, the work is usually defensive: an internal investigation triggered by a payer audit, a subpoena, or a whistleblower’s internal report. Here the goal is an honest, privileged assessment of exposure — often the predicate for a voluntary self-disclosure that can dramatically reduce penalties. The pitfall is a superficial internal review that misses the real problem and forfeits the credibility a regulator rewards.

For whistleblowers and their counsel, the aim is a credible, well-documented relator claim that survives the public-disclosure and first-to-file bars and encourages government intervention. The pitfall is unlawful self-help — taking records or recording in ways that damage the relator’s standing. Independent, lawful corroboration is what makes the difference.

What evidentiary standards and pitfalls separate elite from mediocre work?

Mediocre healthcare fraud work stops at the data outlier and calls it a finding. Elite work treats the outlier as a hypothesis and proves — or disproves — it against the record, the money, and the people involved. The CMS Center for Program Integrity and commercial SIUs both rely on this discipline because a statistical anomaly alone will not survive an administrative-law-judge appeal or a jury.

The pitfalls that sink cases are consistent: mistaking a coding error for intent; over-extrapolating from a small sample without a statistically valid methodology; contaminating beneficiary interviews with leading questions; breaking chain of custody on medical records or devices; and, on the whistleblower side, evidence gathered in ways that violate HIPAA or employment law. Cost drivers track complexity — the number of claims and years in scope, the volume of records requiring independent clinical review, the difficulty of the financial tracing, and whether beneficiary interviews span multiple states. A case built to the standard of proof from the first day is faster and cheaper than one rebuilt after a preventable challenge.

Because healthcare organizations also carry physical and information-security obligations, financial fraud engagements sometimes intersect with our broader security services — but the financial investigation itself is a distinct, in-house discipline run remotely and nationwide, independent of any single facility.

Frequently asked questions

What is the difference between healthcare fraud, waste, and abuse?

Fraud is intentional deception to obtain an unauthorized payment, such as billing for services never rendered. Abuse involves practices inconsistent with accepted medical or business standards that cause improper cost without provable intent. Waste is overutilization or inefficiency with no wrongful intent. The three carry different legal standards and remedies, and proving fraud is far harder because it requires establishing a person’s knowledge and intent, not just an incorrect claim.

Can claims-data analytics alone prove healthcare fraud?

No. Analytics identify outliers and prioritize leads, but a statistical anomaly is not proof of fraud. A provider can be an outlier for legitimate reasons. Proof comes from medical-record review, beneficiary and patient interviews, financial tracing, and corroborating evidence, all preserved under a defensible chain of custody. Analytics point the investigation; they do not conclude it, and courts and administrative judges expect that distinction.

How does a qui tam whistleblower case work?

Under the False Claims Act, a private party with first-hand knowledge of fraud against a federal program can file a lawsuit on the government’s behalf. The complaint is filed under seal so the government can investigate and decide whether to intervene, and a successful relator may share in the recovery. Strong, lawfully gathered evidence at filing improves the odds of intervention and a favorable outcome.

Do you investigate for payers, providers, or whistleblowers?

All three, with methods adapted to each posture. For payers and SIUs we support scaled detection and recoupment; for providers we conduct privileged internal investigations that can inform a voluntary self-disclosure; for whistleblowers and their counsel we build lawful, corroborated evidence for a qui tam complaint. The financial investigation is handled in-house, remotely, and nationwide, independent of any single facility.

About Honeybadger Solutions

Honeybadger Solutions is an Arizona-licensed security and investigations firm delivering intelligence-led financial investigations, digital forensics, cybersecurity, and background intelligence to payers, providers, general counsel, and whistleblower counsel nationwide and internationally. Healthcare financial fraud investigation is run as an in-house financial investigation — not brokered to third parties — remote by design from our Arizona home command, keeping every engagement discreet, controlled, and defensible.

Offices: Casa Grande (HQ), Phoenix, and Oro Valley, Arizona.
Phone: 602-725-2818
Confidential consultation: If you are a payer, provider, or whistleblower’s counsel facing suspected billing fraud, kickbacks, or a qui tam matter, contact us to scope a defensible, evidence-first investigation.