Enhanced AI, Data-Sharing Measures Reinforce DOJ Focus on Data-Driven Healthcare Fraud Enforcement

The US Department of Justice has announced data-sharing agreements with the Centers for Medicare & Medicaid Services, the Department of Homeland Security, and the Federal Trade Commission, expanding the reach of the federal government’s data‑driven enforcement.

On June 23, 2026, in connection with the annual release of the results of its Nationwide Health Care Fraud Takedown, the US Department of Justice (DOJ) announced a series of interagency data-sharing initiatives designed to enhance the government’s use of “big data” in fraud detection and enforcement efforts.

The Nationwide Health Care Fraud Takedown—a multiagency effort started in 2007 with the creation of the Medicare Fraud Strike Force program—has used data analysis techniques to detect potential fraud since its inception. However, the latest announcement reflects an expanded scope that stretches well beyond traditional Centers for Medicare & Medicare Services (CMS) data.

As part of the new effort, DOJ’s recently created National Fraud Enforcement Division and CMS entered into an agreement under which the division will receive cloud computing capacity within CMS’s Integrated Data Repository (IDR) environment, enabling DOJ to apply AI and advanced data analytics directly to Medicare and other government healthcare program data. CMS concurrently announced efforts to expand system user verification processes and obtain more standardized data fields, improving the ability to apply such analyses across datasets.

In an expansion beyond traditional healthcare data analysis, DOJ also announced data-sharing agreements with the Department of Homeland Security (DHS) and Federal Trade Commission (FTC). The DHS arrangement will provide travel information that may reveal off-premises billing by providers, while the FTC agreement will provide telemarketing and telemedicine consumer-complaint data.

These agreements are intended to facilitate earlier detection of suspicious billing patterns, identify emerging fraud trends, and accelerate investigations by integrating data sources that had historically remained siloed.

Overall, the newly announced data-sharing agreements are consistent with broader federal efforts over the last year to increase coordination among enforcement agencies and leverage data analytics in fraud investigations, including under the civil False Claims Act.

IMPLICATIONS FOR HEALTHCARE COMPANIES

While the Health Care Fraud Takedown heavily focuses on criminal prosecution risks for individual practitioners, DOJ’s enhanced use of data analytics and cross-agency coordination carries broader implications for healthcare companies (including health systems, health plans, Medicare Advantage organizations, and pharmacy benefit managers):

Increased Visibility into Claims and Billing Patterns: The most immediate implication for healthcare companies may be heightened government visibility into billing and reimbursement patterns. With advanced analytical tools embedded directly within CMS’s IDR, DOJ may be able to more readily identify statistical outliers, unusual utilization patterns, aberrant coding practices, and reimbursement anomalies earlier in the claim lifecycle, reducing lag time between data anomalies and government investigation.

Earlier Government Action: In the Health Care Fraud Takedown announcement, the government made clear that its objective is not simply to identify fraud after payments are made but to intervene before funds leave federal healthcare programs in the first place. This may translate into more frequent payment suspensions, accelerated audits and investigations, and earlier issuances of civil investigative demands and subpoenas.

Faster, More Coordinated Investigations: The cross-agency agreements may significantly expand the government’s ability to link claims data with nontraditional datasets. For example, investigators may be able to compare billing records with travel information provided by DHS and enrollment data with consumer complaints from the FTC. While healthcare fraud enforcement has historically focused on claims data and medical records, future investigations may increasingly involve complex analyses across multiple federal databases, which could lead to swifter cross-validation of red flags and more rapid referrals to specialized teams across agencies.

False Claims Act Exposure: Investigations that historically have been heavily driven by whistleblower allegations—such as qui tam filings under the False Claims Act—may instead increasingly be initiated affirmatively by DOJ from AI-assisted analysis of claims data. This is in line with comments made earlier this year by DOJ’s Commercial Litigation Branch head that “your next whistleblower could be your data.”

Managed Care and Risk Adjustment Focus: The government’s recent enforcement priorities suggest particular focus on Medicare Advantage, Medicaid managed care, risk adjustment practices, utilization management, and payment integrity. If CMS succeeds in obtaining more standardized data submissions, enforcement agencies may be able to more readily compare utilization, diagnoses, coding, and reimbursement practices across programs and market participants. This may increase scrutiny of, among other things, risk adjustment submissions, prior authorization practices, and coding and documentation practices.

LOOKING AHEAD

The new agreements between DOJ, CMS, DHS, and FTC allow the government to leverage a massive amount of data to identify, corroborate, and act on potential fraud patterns more quickly and cohesively than before. These enhancements arrive amid record-setting coordinated enforcement actions and reflect a sustained emphasis on utilizing data analysis and AI to drive both civil and criminal healthcare cases.

In light of these enhancements, healthcare companies—and those in other industries involving “big data”—should consider whether their compliance and auditing functions are keeping pace with evolving analytical capabilities.

In particular, organizations may wish to evaluate whether their internal monitoring sufficiently identifies data outliers and anomalous patterns for further review and whether governance structures adequately address emerging risks associated with AI, automated decision-making, and large-scale data reporting.

Organizations should also assess their readiness to respond to investigations generated through data analytics rather than traditional whistleblower allegations. These matters may involve statistical analyses, predictive models, and algorithmically generated leads that require different response strategies than conventional investigations.