Health Care Fraud Costs Billions Every Year. AI Can Help Fix This.

Fraud in the American health care system is far worse than broadly known. And it’s easier to fleece the system than you might expect.

Every year, this problem drains an estimated $100 billion through fraudulent claims, waste and abuse, making it one of the most expensive financial leaks in the nation. That’s more than $300 annually for every American.

“Health care is uniquely susceptible to fraud,” says Christoph Herpfer, an assistant professor of finance at the University of Virginia’s Darden School of Business and co-head of the Health Care Initiative, within the Institute for Business in Society.

From phantom billing to upcoding, fraud thrives in the shadows of outdated systems, information gaps and misaligned incentives. But artificial intelligence offers promising solutions to detect and prevent fraud while preserving the quality of care.

Herpfer is using big data to better detect fraud and enhance health care efficiency both in his research and working with practitioners. But, as he explains, fixing this pervasive problem is no easy task.

A Personal Wake-Up Call

For Herpfer, the stakes of health care fraud aren’t just financial statistics — he encountered  the complexity and inefficiency of the health care system firsthand when he moved to the U.S. from Europe and had to choose a health insurance plan.

He recalls getting his first health care bill after immigrating into the U.S. and finding four or five bills included, with indecipherable billing amounts and discounts layered on each other.

“That made me realize that if I did not understand my bill as a finance professor, how is the average person supposed to navigate the system?” he says.

This realization prompted Herpfer to research the structural issues that make the health care system so vulnerable to abuse.

Why Is Health Care So Vulnerable to Fraud?

It’s because of “an unholy trinity,” according to Herpfer.

The first vulnerability is economic incentives. In the fee-for-service model, health care providers earn more by providing more services — creating a financial incentive to increase the quantity of services delivered. This system inherently encourages some providers to order unnecessary tests or procedures.

“The overall stakes and amounts of money in health care are so high, that it is tempting for bad actors to take money,” Herpfer says.

The second weakness is information asymmetry. Patients typically lack the medical expertise to assess whether recommended procedures are necessary.

“Medicine is complex, and as laypeople, we often don’t know what is needed,” Herpfer explains. “When doctors say they must perform this or that test because it’s important for our health, we naturally trust them. And who really knows what exactly their bills mean and whether they truthfully reflect services received? This makes it easy for ‘bad apples’ to exploit the system by adding tests that are not medically necessary.”

The final vulnerability is agency conflict. Patients make decisions for which insurers have to pay which can loosen the purse strings. Ultimately, of course, all of us pay through higher insurance premiums and taxes.

This “principal-agent problem” creates opportunities for misaligned priorities.

Together, these three factors create fertile ground for fraud, though Herpfer emphasizes that research shows most health care professionals operate with integrity and prioritize patient care.

“Health care has this trifecta of weaknesses, which make it a prime target for bad actors,” Herpfer says. “It is the bad apples, the outliers, who mess up the system for everybody.”

The Scale of Health Care Fraud

The U.S. health care system is vulnerable to fraud, in part because of its sheer size.

According to a recent analysis from the U.S. Centers for Medicare & Medicaid Services (CMS), total health care spending rose 7.5% to $4.9 trillion in 2023 — about 17.6% of Gross Domestic Product (GDP).

CMS is the agency that oversees Medicare, the government health insurance program for older and disabled Americans, and Medicaid, for lower-income patients. In fiscal 2024, CMS had outlays of about $1.5 trillion.

These two insurance programs serve tens of millions of Americans and account for a huge part of federal and state budgets. They handle hundreds of billions of dollars in transactions each year. Even if only a tiny percentage of claims is fraudulent, the financial impact is massive.

“If only a small fraction of people commit fraud, the resulting numbers will immediately shoot up into the billions of dollars,” Herpfer notes.

This financial impact makes fraud detection crucial yet challenging. This vulnerability is worsened by often-outdated record-keeping and oversight.

“Given the complexity and volume of work being done in health care, it’s obvious you need good management practices, including proper record-keeping, bookkeeping and accounting,” explains Herpfer.

“But health care has been somewhat lagging behind the private sector when it comes to the adoption of best practices. To give you one example, health care records were still widely managed using pen and paper until the mid 2000s, when the non-healthcare private sector had long migrated to electronic systems.”

He says the inefficiency was partly by design.

“There was this romantic idea that we wanted to have small, community health care providers operating on a very small scale, like a cottage industry,” says Herpfer. “This idea comes from good intentions, by trying to keep business and medicine separate. However, that has made it very hard for health care providers to become more professional and scale on the business side.” 

Fraudsters take advantage of these gaps to manipulate billing codes, charge for unnecessary procedures or even fabricate entire patient visits.

But things are changing. The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 created strong incentives to move to electronic record keeping and, over the past decade, health care has seen significant consolidation into larger, professionally managed systems. Despite these trends, gaps in professionalization remain, says Herpfer.

Health care fraud is also under the microscope at the federal level. In February, news outlets reported that representatives of Elon Musk’s Department of Government Efficiency (DOGE) had accessed CMS systems and were looking for fraud or waste.

While federal investigations represent one approach to tackling fraud, understanding the common schemes is essential for developing effective detection technologies.

How Fraudsters Exploit the System

Health care fraud takes many forms, including:

Upcoding: Billing for a more expensive procedure than the one actually performed, or for a longer consultation.

Medicare Advantage Manipulation: Falsifying diagnoses to make patients appear sicker, thereby increasing reimbursement rates.

(The government pays insurers a base rate for each Medicare Advantage member. Insurers receive additional funds when their patients are diagnosed with certain high-cost conditions. This creates an incentive for insurers to add additional diagnoses, making their patients appear sicker — at least on paper.)

Exploiting Vulnerable Populations: Targeting elderly or mentally impaired patients in nursing homes who may not notice or understand fraudulent charges.

Unnecessary Testing: Running and billing for medical tests that aren’t medically necessary.

Real-world examples illustrate how brazen these schemes can become. One high-profile example involved a California woman, Lourdes Navarro, who used her position as a clinical testing laboratory operator to fraudulently bill Medicare and other providers nearly $400 million for expensive respiratory pathogen panel (RPP) tests that were never ordered by health care providers.

(In January, Navarro was sentenced to nine years in prison and fined $46.7 million for her role in billing for the bogus tests.)

“Despite the fraud’s scale, it took a while to get exposed,” Herpfer points out. “The system is so vast, so complex and the technology is lagging such that even extreme cases of fraud are often only caught late, or at a small scale.”

Another example Herpfer shared involves research that uncovered physicians submitting implausible amounts of billed services. By analyzing Medicare and Medicaid data, researchers found doctors requesting reimbursement for work that would imply consistently more than 100 hours a week for these programs alone — highly implausible billing levels.

While these examples demonstrate the scale of the problem, they also highlight opportunities where data analysis and artificial intelligence could make a big difference.

The Role of AI in Detecting Fraud

How can technology — and specifically artificial intelligence — help us identify problems sooner and potentially help prevent billions in medical fraud and abuse?

“There is so much low-hanging fruit that AI at scale can help with when it comes to detecting fraud,” says Herpfer. “Structuring and organizing the data in systems that are efficient and up to date allows us to look for abnormal patterns that should be red flags about behavior by certain providers. Once the systems are in place, you can detect a lot of the more obvious issues very quickly.”

A very small percentage of fraudsters account for the bulk of the abuse. “The overwhelming majority of providers, insurers and hospitals are trying to do the best by their patients,” he adds.

It is not just the ‘’back end’’ of data analysis where AI can help, explains Herpfer. Another area with potential to help in fraud detection is the front end, the data input side. AI-powered speech-to-text — dictation — software, which creates real-time transcripts of doctor-patient interactions can greatly increase the precision of documenting work that is actually done while reducing the ability to falsify medical records, according to Herpfer.

“We now have the technology to do this at scale and greatly improve the precision of how we capture data,” he says. “That makes it much harder to have financial shenanigans, because now a fraudster would have to tinker with actual records, rather than just check a box on a form.”

Improved data quality, along with advances in computing and algorithms, allows researchers like Herpfer to analyze more data and detect fraud more efficiently. And, as he reminds us, there is a human cost to health care fraud.

As AI and data analytics advance, they can transform fraud detection and health care delivery — curbing bad actors while supporting ethical actors. These technologies could recover billions in wasted resources — redirecting funds to those in need.

To prepare future leaders, business schools must equip them with AI expertise. Darden is strengthening its focus on health care and AI with the Health Care Initiative within the Institute for Business in Society, and the LaCross Institute for Ethical Artificial Intelligence in Business.