HHS Uses AI to Combat Healthcare Fraud

Overview: A New Era of Fraud Detection

The U.S. Department of Health and Human Services (HHS) is shifting from reactive to proactive healthcare fraud prevention. The agency now plans to deploy advanced artificial intelligence tools to detect and stop fraudulent Medicare and Medicaid claims before payment goes out. Moreover, HHS is calling on healthcare stakeholders to share input that could shape future federal rulemaking.

This announcement marks a major policy shift. For decades, federal agencies followed a “pay and chase” approach — paying claims first and investigating fraud afterward. HHS Secretary Robert F. Kennedy Jr. made the change clear: the government now aims to “detect and deploy” AI in real time to block improper payments before they occur.

Furthermore, CMS Administrator Dr. Mehmet Oz underscored the aggressive tone of the new strategy. The goal is to stop fraudsters at the source rather than pursue them after the damage is done.

CMS Launches the CRUSH Initiative

Key Actions Under the Fraud Crackdown

The Centers for Medicare and Medicaid Services (CMS) unveiled its AI-driven fraud plans as part of a broader initiative. Additionally, the agency announced two significant financial actions alongside the AI announcement.

First, CMS is calling for a six-month moratorium on new Medicare enrollment for certain durable medical equipment suppliers. Second, the agency is deferring $259.5 million — and potentially up to $1 billion — in federal Medicaid payments to Minnesota. The state faces allegations of submitting fraudulent or unsupported Medicaid claims.

Together, these steps reflect what HHS describes as “a coordinated, data-driven strategy to prevent fraud before it occurs, hold bad actors accountable, and protect taxpayer dollars.”

The CRUSH Framework

CMS also issued a Request for Information (RFI) tied to potential future rulemaking under the framework titled “Comprehensive Regulations to Uncover Suspicious Healthcare,” or CRUSH. The RFI invites stakeholder feedback on programmatic changes that could make fraud detection more effective across Medicare and Medicaid programs.

What the Request for Information Covers

AI for Medicare Advantage and Hospital Billing

The CMS RFI focuses heavily on how AI tools can improve Medicare Advantage coding oversight and hospital billing accuracy. Specifically, the agency asks stakeholders to weigh in on the use of AI — including commercial off-the-shelf software — to help human coders process large volumes of medical records more efficiently.

Five Key Areas of Feedback

CMS seeks stakeholder input on five critical areas:

• Types of AI solutions that are most effective for assisting human coders with large record volumes
• Key features that an AI solution should include to improve accuracy, incorporate coder feedback, and prevent hallucinations
• Display standards for how AI-generated coding recommendations should be presented for human review
• Compliance risks that organizations should consider and mitigate during AI implementation
• Lessons learned from previous AI rollouts in healthcare settings

Notably, the RFI asks for input on machine learning and other AI methods for abstracting diagnoses from medical record documentation as part of medical records reviews.

Expert Reactions: Promise and Caution

Positive Outlook from Legal Experts

Healthcare legal experts generally welcomed the HHS initiative. Attorney Andrew Wirmani of law firm Reese Marketos LLP, a former U.S. Department of Justice prosecutor, described the move as a logical next step. He noted that CMS and HHS’ Office of Inspector General have long used data analytics and predictive modeling to detect potential fraud. However, he pointed out that HHS has not publicly disclosed the extent to which AI already powers those efforts.

“Healthcare fraud costs taxpayers billions each year,” Wirmani said. As a result, tools that speed up and scale fraud detection carry obvious benefits. Still, he cautioned that the government must build in meaningful human oversight and find ways to avoid false positives. Without these safeguards, honest healthcare providers could face undue burdens.

The Importance of Human Oversight

Transparency, Wirmani stressed, will be critical. AI-generated flags must go through human review before triggering adverse action against providers. Without this step, the system risks acting on inaccurate or incomplete data.

HIPAA and Patient Privacy Concerns

A Significant Gap in the RFI

Regulatory attorney Rachel Rose raised a different concern. She argued that deploying AI “in a safe, ethical, and legal manner” with accurate, limited-purpose data could indeed speed fraud detection. However, she noted an important distinction: large language models (LLMs) used for structured coding tasks carry far less risk than generative AI applications.

“LLMs have been around for years, so this is a lot safer than a GenAI application,” Rose explained. Nevertheless, she warned that AI output can still lead to bias, adverse patient outcomes, upcoding, wrong documentation, and even False Claims Act liability.

Missing: HIPAA Compliance Guidance

Most critically, Rose pointed out that the HHS RFI does not ask for input on HIPAA compliance in the context of AI-based fraud detection. This gap is significant. The agency’s AI tools will process protected health information (PHI) for millions of Medicare and Medicaid beneficiaries. As a result, privacy and security safeguards must accompany any AI deployment.

“Just as the Department of Homeland Security is piloting AI to combat cyberattacks, it is important to use available technology for efficiency — but there must be safeguards,” Rose said.

Lessons from the Private Sector

The private sector offers cautionary examples as well. UnitedHealth Group, for instance, has faced lawsuits over AI tools allegedly used to deny necessary medical coverage. These cases illustrate that AI in healthcare must include robust oversight to prevent patient harm and legal exposure.

What Comes Next

HHS did not immediately respond to requests for additional details on the fraud crackdown or the scope of AI already in use. Minnesota Governor Tim Walz’s office also did not comment on the Medicaid payment deferment.

Nevertheless, the RFI deadline will shape the path forward. Stakeholder responses will feed into potential rulemaking under the CRUSH framework. Industry experts, providers, insurers, and patient advocates all have a stake in ensuring that AI-driven fraud detection balances speed and accuracy with fairness and privacy protection.

As AI continues to transform healthcare administration, the HHS initiative signals a clear federal commitment to using technology offensively against fraud — while the sector pushes back for guardrails that protect both taxpayers and patients.