Panelists of HIMSS26 Rapid Response: Implementing the Fraud Defense Operations Center
Photo courtesy of Nathan Eddy
LAS VEGAS – Federal health officials are taking a more aggressive, data-driven approach to combating healthcare fraud, using analytics and cross-agency collaboration to stop suspicious payments before taxpayer dollars leave the system, according to a panel at the 2026 HIMSS Global Health Conference & Exposition here today.
During the session, entitled "Rapid Response: Implementing the Fraud Defense Operations Center," leaders from the Centers for Medicare & Medicaid Services (CMS) described how the agency's Fraud Defense Operations Center (FDOC) is helping investigators identify high-risk providers and intervene in near real time.
Launched in 2025 by CMS' Center for Program Integrity, the initiative has already triaged more than 340 suspect providers and prevented more than $1.4 billion in potential payments while investigations continue, the panelists said.
Bethany Messick, deputy director of the Data Analytics and Systems Group at CMS' Center for Program Integrity, said the program was designed to address a long-standing problem in fraud enforcement: the lag between detecting suspicious activity and acting.
"In the past it was a tangled process, and these providers could try and take us for millions overnight," Messick said.
The FDOC brings analysts, investigators, clinicians, legal advisors and law enforcement partners into a shared environment where they can evaluate cases quickly and coordinate responses.
Fraud data analysts first identify suspicious patterns in claims and provider data, looking for indicators such as unusual billing relationships or affiliations between providers. Those leads are then prioritized based on the potential financial impact or risk to patients before being reviewed by clinical and regulatory experts.
"We present our data findings and sort of duke it out to plan the strategy and action," Messick said.
In some cases, CMS can immediately suspend payments to a provider while investigators continue building a case.
In others, the agency may place providers into pre-payment review, so claims are scrutinized before reimbursement.
Samantha Pittenger, deputy director of the Division of Outcomes Measurement at CMS, said fraud schemes have evolved significantly in recent years, requiring investigators to adapt their analytic approaches.
Early FDOC efforts focused on relatively straightforward cases, such as phantom billing schemes in which providers use stolen patient information to bill for services that were never delivered.
"Those are easy for us to point out in the data and easy for our investigators to verify," Pittenger said.
More complex schemes have since emerged, including telemarketing-driven fraud and cases, where patients may legitimately need care, but providers misrepresent services to receive higher reimbursements. Detecting those patterns requires deeper analysis of large healthcare datasets.
Much of the agency's work begins with anomaly detection across massive volumes of administrative claims data and provider enrollment records. CMS teams are also experimenting with large language models trained on investigative data to analyze call transcripts and identify instances where beneficiaries report services they never received.
"Fraudsters tend to bill in the same way," Pittenger said, explaining that by identifying those patterns, investigators can scan the broader provider landscape to uncover additional participants in a scheme.
The creation of the FDOC has also changed how CMS operational teams respond to suspected fraud.
Jennifer Norsworthy, deputy director of the Division of Investigative Support at CMS, said the initiative has dramatically accelerated the agency's ability to stop payments.
"It has completely transformed how quickly we're stopping the money going out the door," she said. Rather than paying claims and attempting to recover funds later, investigators can now intervene earlier in the process.
The center itself began as a six-week pilot before CMS leaders expanded the program with formal governance structures, standard operating procedures and additional personnel.
Messick said that bringing experts from different disciplines into a single operational environment has been one of the program's biggest strengths.
"What's critical about FDOC is what you learn from it," she said. "Being in the room together, we really learn from each other."
While the program is still less than a year old, Pittenger said she expects the FDOC to continue evolving as new tools and technologies are introduced to help analysts detect and disrupt fraud schemes even faster.
"We're all really on board with putting the integrity of the Medicare trust fund on the highest pillar," she said.
