Hero

Medicare is one of the largest federal benefit programs in the United States. The Centers for Medicare and Medicaid Services (CMS) paid more than $1 trillion to providers in fiscal year 2024 for care delivered to more than 65 million beneficiaries — including more than 1.7 million Georgians. With that scale comes substantial fraud risk. The U.S. Department of Health and Human Services Office of Inspector General (HHS OIG) estimates that improper payments and fraud in Medicare cost taxpayers tens of billions of dollars annually.

For Georgia Medicare beneficiaries, fraud is not an abstract concern. It is the unsolicited call asking for "your Medicare number to confirm benefits." It is the orthotic brace that arrives at the door without a doctor's order. It is the "free cancer screening" pitched at a community center booth. It is the telemedicine practitioner who issues a five-minute consult and then orders thousands of dollars of unnecessary equipment. The Eastern District of Georgia, the Northern District of Georgia, and the Atlanta-based Medicare Fraud Strike Force have prosecuted hundreds of these schemes over the past decade — many involving Georgia-based providers and many targeting Georgia beneficiaries.

The federal anti-fraud framework rests on a network of statutes enacted over more than 160 years. The False Claims Act (FCA, 31 U.S.C. §§ 3729-3733) — originally enacted in 1863 during the Civil War as "Lincoln's Law" to combat Union Army contractor fraud — was substantially strengthened by the False Claims Amendments Act of 1986 (Public Law 99-562, October 27, 1986), the Fraud Enforcement and Recovery Act of 2009 (FERA, Public Law 111-21, May 20, 2009), and the Patient Protection and Affordable Care Act of 2010 (Public Law 111-148, March 23, 2010). Section 1128 of the Social Security Act gives HHS OIG mandatory and permissive authority to exclude individuals and entities from Medicare and Medicaid. Section 1128A authorizes civil monetary penalties (CMPs). Section 1128B contains the Anti-Kickback Statute (AKS) — a criminal felony prohibiting payment for referrals of items or services payable by federal health care programs. Section 1877 — the Stark Law — prohibits physician self-referral for designated health services to entities with which the physician has a financial relationship absent a regulatory exception. HIPAA 1996 Title II Section 1128C (Public Law 104-191, August 21, 1996) created the Health Care Fraud and Abuse Control (HCFAC) Program that coordinates federal anti-fraud efforts.

Enforcement is executed by an interlocking network of federal and state agencies. HHS OIG performs civil enforcement, exclusions, CMP impositions, audits, and program integrity evaluations. The U.S. Department of Justice (DOJ) Health Care Fraud Unit handles criminal prosecutions and civil FCA litigation. The Medicare Fraud Strike Force — a DOJ/HHS OIG joint task force model first deployed in Miami in 2007 and now operating in more than a dozen cities including Atlanta — uses data analytics to identify and prosecute organized fraud schemes. CMS's Center for Program Integrity (CPI) coordinates federal program integrity operations. Unified Program Integrity Contractors (UPICs) perform fraud investigation work for CMS. Medicare Administrative Contractors (MACs) — Palmetto GBA (Part A/B) and CGS Administrators (DME) for Georgia — conduct claim-level investigation. The Senior Medicare Patrol (SMP) — operating in Georgia through GeorgiaCares SHIP (1-866-552-4464) — provides beneficiary-facing education and a reporting channel.

This guide walks through what every Georgia Medicare beneficiary and provider should understand about the federal Medicare anti-fraud framework: the statutory authorities, the enforcement structure, the common schemes affecting Georgia beneficiaries, the reporting mechanisms, the beneficiary protections, and the provider compliance obligations.

Key Takeaways (Callout)

  • The federal Medicare anti-fraud framework rests on Section 1128 of the Social Security Act (exclusion authority), Section 1128A (civil monetary penalties), Section 1128B (criminal provisions including the Anti-Kickback Statute), Section 1877 (Stark Law physician self-referral prohibition), the False Claims Act (31 U.S.C. §§ 3729-3733), and HIPAA 1996 Section 1128C (creating the Health Care Fraud and Abuse Control Program).
  • The False Claims Act, originally enacted in 1863, was substantially strengthened in 1986, 2009, and 2010 — and its qui tam whistleblower provisions allow private parties ("relators") to file FCA suits on behalf of the United States and share in any recovery.
  • The Anti-Kickback Statute (42 U.S.C. § 1320a-7b(b)) is a criminal felony — punishable by up to 10 years imprisonment, fines up to $100,000 per violation, and exclusion from federal health care programs — that prohibits knowingly and willfully offering, paying, soliciting, or receiving remuneration to induce or reward referrals of items or services payable by federal health care programs.
  • The Stark Law (42 U.S.C. § 1395nn) is a civil strict-liability prohibition on physician self-referral for designated health services to entities with which the physician has a financial relationship, absent a regulatory exception.
  • The Medicare Fraud Strike Force operates in Atlanta as part of a national network of data-driven prosecutions of organized Medicare fraud schemes. Strike Force operations have led to thousands of prosecutions and billions of dollars in recoveries since 2007.
  • For Georgia beneficiaries, the Senior Medicare Patrol (SMP) operates through GeorgiaCares SHIP at 1-866-552-4464. The HHS OIG Hotline is 1-800-HHS-TIPS (1-800-447-8477).
  • The most common Medicare fraud schemes affecting Georgia beneficiaries in the 2020s include genetic testing fraud (CGx schemes), DMEPOS fraud (orthotic braces, urinary catheters, continuous glucose monitors), telemedicine kickback schemes, hospice and home health fraud, and identity theft/Medicare Beneficiary Identifier (MBI) misuse.
  • Beneficiaries should review every Medicare Summary Notice (MSN) and Explanation of Benefits (EOB) for suspicious charges, never give the Medicare number to unsolicited callers, and report suspected fraud to the SMP or HHS OIG.
  • Providers subject to Medicare must comply with provider enrollment screening requirements under Section 6401 of the Affordable Care Act, which expanded provider screening, established a moratorium authority, required compliance programs, and added other anti-fraud provisions.

The Federal Anti-Fraud Framework

The Medicare anti-fraud framework is the product of more than 160 years of statutory evolution. Each statute has a distinct role.

Section 1128 of the Social Security Act — Exclusion Authority

Section 1128 (42 U.S.C. § 1320a-7) gives HHS OIG authority to exclude individuals and entities from participation in Medicare, Medicaid, and all federal health care programs. Exclusion means the excluded person cannot bill federal programs and federal programs cannot pay for items or services furnished, ordered, or prescribed by the excluded person.

Mandatory exclusions under Section 1128(a) include conviction of:

  • A program-related crime (1128(a)(1))
  • Patient abuse or neglect (1128(a)(2))
  • A felony health care fraud offense (1128(a)(3))
  • A felony controlled substance offense (1128(a)(4))

Permissive exclusions under Section 1128(b) include conviction of misdemeanor health care fraud, license revocation or suspension, suspension from a federal or state health care program, claims for excessive charges or unnecessary services, fraud against beneficiaries, kickbacks, and other categories.

Exclusion durations range from 5 years (mandatory minimum) to permanent. HHS OIG maintains the List of Excluded Individuals/Entities (LEIE) at oig.hhs.gov, which providers must check at hire and monthly thereafter for all employees and contractors who furnish or arrange items or services payable by federal programs.

Exclusion has cascading consequences: an excluded provider cannot bill, an entity that knowingly employs an excluded person can incur CMP liability, and beneficiaries who receive services from excluded providers may have those services denied by Medicare.

Section 1128A — Civil Monetary Penalties (CMPs)

Section 1128A (42 U.S.C. § 1320a-7a) authorizes HHS OIG to impose civil monetary penalties and assessments for a wide variety of misconduct, including:

  • Presenting false or fraudulent claims
  • Violations of the Anti-Kickback Statute
  • Beneficiary inducements (offering remuneration to beneficiaries to influence selection of providers)
  • Stark Law violations
  • Employment of excluded individuals
  • Failure to grant OIG access to records
  • Numerous other categories specified in statute and 42 CFR Part 1003

Penalty amounts are adjusted annually for inflation. As of 2024, the CMP for a false claim is up to $20,000+ per item or service, with assessment of up to three times the amount claimed. AKS-based CMPs run up to $100,000 per violation. Beneficiary inducement CMPs run up to $20,000+ per item or service offered or transferred.

CMP impositions are administrative actions — the burden of proof is preponderance of the evidence, not the higher beyond-a-reasonable-doubt criminal standard. CMP decisions are reviewable by an HHS administrative law judge, then the Departmental Appeals Board, then federal court.

Section 1128B — Criminal Provisions Including the Anti-Kickback Statute

Section 1128B (42 U.S.C. § 1320a-7b) contains five criminal provisions:

  • 1128B(a): false statements in benefit applications
  • 1128B(b): the Anti-Kickback Statute
  • 1128B(c): false statements to influence enrollment
  • 1128B(d): excess charges or charges in violation of assignment terms
  • 1128B(e): patient inducement misconduct (older provision)

The Anti-Kickback Statute (AKS) at 1128B(b) is the most prominent. It is a criminal felony prohibiting any person from knowingly and willfully offering, paying, soliciting, or receiving any remuneration (in cash or in kind, directly or indirectly, overtly or covertly) to induce or reward referrals of items or services payable in whole or in part by federal health care programs.

Penalties:

  • Up to 10 years imprisonment per offense
  • Fines up to $100,000 per violation
  • Mandatory exclusion from Medicare/Medicaid (under Section 1128(a)(7))
  • Civil False Claims Act liability — every claim resulting from an AKS violation is automatically a false claim per Section 6402(f) of the ACA (codified at 42 U.S.C. § 1320a-7b(g))

The AKS has safe harbors — regulatory exceptions at 42 CFR Part 1001.952 that immunize specific arrangements (e.g., investments in large entities, space rental, equipment rental, personal services arrangements, employment, etc.) if all listed requirements are met. Safe harbor compliance is voluntary; falling outside a safe harbor is not itself a violation but means the arrangement is judged on the totality of facts.

Section 1877 — Stark Law (Physician Self-Referral)

Section 1877 of the Social Security Act (42 U.S.C. § 1395nn) — commonly called the Stark Law after Congressman Fortney "Pete" Stark — prohibits a physician from making a referral to an entity for the furnishing of designated health services (DHS) payable by Medicare if the physician (or an immediate family member) has a financial relationship with the entity, absent an exception.

Designated health services include clinical laboratory services, physical therapy, occupational therapy, outpatient speech-language pathology, radiology and imaging, radiation therapy, durable medical equipment and supplies (DME), parenteral and enteral nutrients, prosthetics and orthotics, home health services, outpatient prescription drugs, and inpatient and outpatient hospital services.

Stark Law is a strict liability civil prohibition — there is no intent requirement (unlike AKS, which requires knowing and willful conduct). The remedy is denial of payment, refund of amounts collected, and potential CMPs and False Claims Act liability.

Stark Law has dozens of regulatory exceptions at 42 CFR Part 411 Subpart J — including bona fide employment, in-office ancillary services, fair market value compensation, and many others. Exception compliance is mandatory for self-referral arrangements to be legal.

The Stark Law and AKS often overlap — many arrangements implicate both. Compliance with a Stark exception does not automatically satisfy AKS, and AKS safe harbor compliance does not automatically satisfy Stark.

The Federal False Claims Act (31 U.S.C. §§ 3729-3733)

The federal False Claims Act (FCA), originally enacted in 1863 as Lincoln's response to Civil War contractor fraud, prohibits any person from:

  • Knowingly presenting a false or fraudulent claim for payment to the federal government
  • Knowingly making a false record or statement material to a false or fraudulent claim
  • Knowingly retaining an overpayment (the "reverse false claims" provision, added by FERA 2009)
  • Other categories

"Knowingly" includes actual knowledge, deliberate ignorance, and reckless disregard. Specific intent to defraud is not required.

Penalties (per claim):

  • Treble damages (three times the amount falsely claimed)
  • Civil penalty between approximately $13,000 and approximately $27,000 per false claim (amounts adjusted annually for inflation)

Qui tam provisions (31 U.S.C. § 3730(b)) allow private individuals ("relators" or "whistleblowers") to file FCA suits on behalf of the United States. The relator files under seal in federal court, serves the United States, and the government investigates and decides whether to intervene. If the government intervenes, the relator typically recovers 15-25% of any recovery. If the government declines and the relator proceeds, the relator typically recovers 25-30%.

The False Claims Amendments Act of 1986 (Public Law 99-562, October 27, 1986) substantially strengthened the FCA — increased penalties, lowered the scienter standard from "specific intent" to "knowing," expanded qui tam provisions, and added anti-retaliation protections.

The Fraud Enforcement and Recovery Act of 2009 (FERA, Public Law 111-21, May 20, 2009) further expanded FCA — clarified that liability attaches to false claims submitted to recipients of federal funds (not just direct submissions to the federal government), added the "reverse false claim" provision for knowing retention of overpayments, and expanded other liability theories.

The Patient Protection and Affordable Care Act of 2010 (Public Law 111-148, March 23, 2010) further strengthened FCA application in health care — including the AKS-FCA linkage at Section 6402(f), the 60-day overpayment refund requirement at Section 6402(a) (codified at 42 U.S.C. § 1320a-7k(d)), and the expansion of public disclosure bar in qui tam cases.

The FCA is the federal government's most powerful tool for civil health care fraud enforcement. DOJ has recovered more than $75 billion under the FCA since 1986, with health care representing the majority of recoveries.

HIPAA 1996 Title II Section 1128C — Health Care Fraud and Abuse Control Program

The Health Insurance Portability and Accountability Act of 1996 (HIPAA, Public Law 104-191, August 21, 1996) Title II included substantial anti-fraud provisions, including:

  • Section 1128C of the Social Security Act — created the Health Care Fraud and Abuse Control (HCFAC) Program jointly administered by HHS and DOJ
  • Criminal health care fraud statute (18 U.S.C. § 1347)
  • Theft or embezzlement in connection with health care (18 U.S.C. § 669)
  • False statements relating to health care matters (18 U.S.C. § 1035)
  • Obstruction of criminal investigations of health care offenses (18 U.S.C. § 1518)
  • Health care benefit program definitions (18 U.S.C. § 24)

The HCFAC Program provides dedicated funding for Medicare and Medicaid fraud enforcement, coordinates federal-state enforcement efforts, and produces annual reports to Congress documenting recoveries, exclusions, and convictions.

Affordable Care Act 2010 Section 6401 — Provider Screening and Compliance

The Affordable Care Act of 2010 included numerous anti-fraud provisions in Subtitle E "Medicare, Medicaid, and CHIP Program Integrity Provisions." Section 6401 ("Provider Screening and Other Enrollment Requirements Under Medicare, Medicaid, and CHIP") strengthened provider enrollment requirements:

  • Risk-based provider screening (limited, moderate, high categories with corresponding screening requirements)
  • Fingerprint-based criminal background checks for high-risk categories
  • Site visits for moderate and high-risk providers
  • Application fees
  • Provider revalidation every 3-5 years
  • Authority for temporary moratoria on new enrollment in high-fraud geographies/categories
  • Compliance program requirements (made compliance programs mandatory for Medicare/Medicaid providers — though detailed CMS implementing regulations have been issued category by category)

Section 6402 ("Enhanced Medicare and Medicaid Program Integrity Provisions") included:

  • 60-day overpayment refund requirement
  • AKS-FCA linkage (any claim resulting from AKS violation is a false claim for FCA purposes)
  • Authority to suspend payment to providers based on credible allegations of fraud
  • Self-Disclosure Protocol enhancements
  • Other authorities

Section 6403, 6404, and 6405 added additional integrity authorities (national provider databases, expanded screening, durable medical equipment provisions, etc.).

The Federal Enforcement Structure

HHS Office of Inspector General (OIG)

HHS OIG, established by the Inspector General Act of 1978, is the principal federal civil enforcement authority for Medicare and Medicaid fraud. OIG's core functions:

  • Civil enforcement: imposing CMPs, executing exclusions, negotiating Corporate Integrity Agreements (CIAs)
  • Criminal referrals: OIG investigators are sworn federal law enforcement officers who refer criminal cases to DOJ
  • Audits and evaluations: program integrity audits, beneficiary impact studies, OIG advisory opinions
  • Compliance guidance: Provider-type compliance program guidance, special fraud alerts, advisory opinions
  • Operations: National Office (Washington, D.C.), Office of Investigations field offices nationwide including an Atlanta Regional Office

OIG's annual budget is funded jointly through congressional appropriations and the HCFAC Program. OIG returns approximately $4-8 to the Medicare Trust Funds for every $1 spent.

Department of Justice (DOJ) Health Care Fraud Unit

DOJ's Criminal Division Fraud Section Health Care Fraud Unit is the principal federal prosecutor for criminal health care fraud. Created in 2007 to operate the Medicare Fraud Strike Force, the Unit prosecutes complex criminal health care fraud cases nationally. DOJ's Civil Division Commercial Litigation Branch Fraud Section handles civil FCA litigation.

The four U.S. Attorney's Offices in Georgia — Eastern District of Georgia (Augusta-based), Northern District of Georgia (Atlanta-based), Middle District of Georgia (Macon-based), Southern District of Georgia (Savannah-based) — also prosecute Medicare fraud cases independently and in coordination with the Health Care Fraud Unit.

Medicare Fraud Strike Force

The Medicare Fraud Strike Force, launched in Miami in 2007, is a DOJ/HHS OIG joint task force model that uses data-driven analytics to identify aberrant billing patterns, target organized fraud schemes, and prosecute cases at scale. Strike Force operations now run in more than a dozen cities including Atlanta, Miami, Los Angeles, Detroit, Houston, Tampa, Brooklyn, Baton Rouge, Chicago, Dallas, and Newark.

Strike Force cases typically involve coordinated takedowns of dozens or hundreds of defendants. As of 2024, Strike Force operations have led to more than 5,000 criminal prosecutions and billions of dollars in restitution and recoveries since 2007. The Atlanta Strike Force has prosecuted notable cases involving DMEPOS fraud, telemedicine kickback schemes, genetic testing fraud, hospice fraud, and home health fraud — many of which involved Georgia-based providers and Georgia beneficiaries.

CMS Center for Program Integrity (CPI)

CMS's Center for Program Integrity coordinates federal program integrity operations:

  • Manages the Unified Program Integrity Contractor (UPIC) network
  • Operates the Fraud Prevention System (FPS) — predictive analytics on Medicare claims
  • Administers the National Provider Identifier (NPI), provider enrollment, and screening systems
  • Coordinates with HHS OIG, DOJ, MACs, and state Medicaid Fraud Control Units
  • Issues policy guidance, transmittals, and program integrity rulemakings

Unified Program Integrity Contractors (UPICs)

UPICs are contractors that perform program integrity work for CMS — investigation of suspected fraud, waste, and abuse; audits; data analysis; provider education; referral to law enforcement. UPICs operate in five regional jurisdictions (Northeast, Midwest, Southeast, Southwest, West) covering Medicare Parts A/B/C/D and Medicaid. The Southeast UPIC (covering Georgia and most southeastern states) is operated by SafeGuard Services LLC.

Medicare Administrative Contractors (MACs)

MACs process Medicare claims and conduct claim-level program integrity work. For Georgia:

  • Palmetto GBA — Part A/B MAC Jurisdiction J (AL, GA, TN)
  • CGS Administrators — DME MAC Jurisdiction C (covers Georgia and 15 other states)

MAC functions include claim payment, provider enrollment processing, prepayment and postpayment reviews, overpayment recovery, and referral of suspected fraud to UPICs and OIG.

Senior Medicare Patrol (SMP)

The Senior Medicare Patrol (SMP) is a beneficiary-facing fraud prevention program administered by the HHS Administration for Community Living (ACL) that operates in every state through grants to State Health Insurance Assistance Programs (SHIPs) or other community organizations.

In Georgia, SMP operates through GeorgiaCares SHIP, administered by the Georgia Department of Human Services Division of Aging Services. GeorgiaCares phone: 1-866-552-4464.

SMP volunteers and counselors:

  • Educate Medicare beneficiaries about fraud detection
  • Help beneficiaries review MSNs and EOBs
  • Receive and triage suspected fraud reports
  • Refer complaints to HHS OIG, MACs, UPICs, or law enforcement as appropriate
  • Conduct community presentations and outreach

SMP is free, independent of insurers, and a safe channel for beneficiaries to report concerns without fear of retaliation.

Georgia-Specific Anti-Fraud Infrastructure

U.S. Attorney's Offices

Each of Georgia's four U.S. Attorney's Offices has an Affirmative Civil Enforcement (ACE) and Criminal Division attorney handling health care fraud:

  • U.S. Attorney's Office Northern District of Georgia (Atlanta) — covers Fulton, DeKalb, Cobb, Gwinnett, and 42 other counties in north Georgia
  • U.S. Attorney's Office Middle District of Georgia (Macon) — covers Bibb, Houston, Muscogee, and 67 other counties in central Georgia
  • U.S. Attorney's Office Southern District of Georgia (Savannah) — covers Chatham, Liberty, Brunswick area, and 41 other counties in south/southeast Georgia
  • U.S. Attorney's Office Eastern District of Georgia — historically prosecuted cases in eastern Georgia (note: Georgia's federal districts are Northern, Middle, and Southern; the "Eastern District" reference in some materials refers to operational task force regions rather than a distinct judicial district)

FBI Atlanta Field Office

FBI Atlanta (404-679-9000) covers the entire state of Georgia and works with HHS OIG, DOJ, and state law enforcement on health care fraud investigations.

HHS OIG Atlanta Regional Office

HHS OIG operates a regional office in Atlanta covering the Southeast region, conducting civil and criminal investigations of Medicare and Medicaid fraud.

Georgia Medicaid Fraud Control Unit (MFCU)

The Georgia MFCU, housed in the Office of the Attorney General, investigates and prosecutes Medicaid fraud and patient abuse/neglect in Georgia. While focused on Medicaid, MFCU often coordinates with Medicare fraud investigations involving dual eligible beneficiaries.

GeorgiaCares SHIP (administering Georgia SMP)

GeorgiaCares — 1-866-552-4464 — administers Georgia's Senior Medicare Patrol. Counselors in every Area Agency on Aging (AAA) region statewide. Free and confidential.

Palmetto GBA and CGS Administrators

The two MACs serving Georgia:

  • Palmetto GBA Part A/B MAC Jurisdiction J — 1-855-696-0705 (provider line); fraud referral via Palmetto's program integrity team
  • CGS Administrators DME MAC Jurisdiction C — fraud referral via CGS program integrity team

Common Medicare Fraud Schemes Affecting Georgia Beneficiaries

The most common Medicare fraud schemes affecting Georgia beneficiaries in the 2020s:

1. Genetic Testing Fraud (CGx Schemes)

During the COVID-19 era and into 2024, the federal government prosecuted hundreds of cases involving "Cancer Genomics" (CGx), "cardiac genetic testing," and "neurology genetic testing" schemes. The pattern:

  • Telemarketers cold-call Medicare beneficiaries offering "free" genetic screening
  • Beneficiaries are pressured to give MBI and other personal information
  • Cheek swab kit is mailed
  • A doctor — often via fly-by-night telemedicine — orders the test without medically necessary indication
  • The lab bills Medicare for thousands of dollars per test
  • Kickbacks flow back to the telemarketer/marketer

Georgia beneficiaries have been heavily targeted. Multiple Georgia-based labs and physicians have been prosecuted.

2. DMEPOS Fraud (Braces, Catheters, CGMs)

DMEPOS fraud is among the most prevalent schemes nationally. Common patterns:

  • Unsolicited delivery of orthotic braces (back, knee, neck, wrist, ankle) ordered through fraudulent telemedicine consults
  • Urinary catheter fraud — billing for catheters never ordered or never delivered
  • Continuous glucose monitor (CGM) fraud — billing CGMs for beneficiaries who don't have diabetes or don't meet medical necessity criteria
  • Power mobility device (PMD) fraud — billing for power wheelchairs not ordered or not medically necessary

DMEPOS Competitive Bidding Program (CBP) was hiatused January 1, 2024, increasing fraud risk in non-CBP regions. CGS Administrators DME MAC Jurisdiction C is the primary claims fraud detector for Georgia.

3. Telemedicine Kickback Schemes

The expansion of telemedicine flexibilities during COVID-19 created new fraud vectors:

  • Telemedicine "consults" lasting minutes that order thousands of dollars of unnecessary genetic tests, DMEPOS, or other items
  • Marketers paying physicians per signed order
  • Telemedicine practitioners ordering for patients they never spoke with

DOJ's National Health Care Fraud Enforcement Action of 2022 (the largest in history at that point) involved $1.2 billion in telemedicine fraud.

4. Hospice Fraud

Hospice fraud schemes include:

  • Recruiting non-terminally-ill beneficiaries into hospice
  • Falsifying physician certifications of terminal illness
  • Billing for hospice services never delivered
  • Kickbacks for hospice referrals

Hospice fraud has been a notable enforcement priority in Georgia.

5. Home Health Fraud

Home health fraud schemes include:

  • Falsifying face-to-face (F2F) encounters
  • Forging physician signatures on plans of care
  • Billing for visits not made
  • Kickbacks for home health referrals

6. Pain Management Pill Mill Schemes

"Pill mill" schemes involve controlled substance prescribing without legitimate medical necessity, often with cash payments, and often combined with Medicare Part D billing for the prescriptions.

7. Identity Theft and MBI Misuse

Identity theft schemes use stolen Medicare Beneficiary Identifiers (MBIs) to bill for items and services never delivered. Following the MACRA 2015 SSN-removal transition, MBI confidentiality is itself a critical anti-fraud protection.

8. Skilled Nursing Facility (SNF) Billing Fraud

SNF schemes include upcoding therapy minutes under the PDPM payment system, billing for services not rendered, and other patterns.

9. Laboratory and Pathology Fraud

Lab schemes include billing for tests not performed, billing for medically unnecessary panel tests, and kickbacks to ordering physicians.

10. Pharmacy Fraud

Pharmacy fraud schemes include billing for medications not dispensed, drug switching, autoship without consent, and other patterns.

Reporting Suspected Medicare Fraud

Georgia beneficiaries and providers can report suspected Medicare fraud through multiple channels:

  1. Senior Medicare Patrol (SMP) via GeorgiaCares SHIP: 1-866-552-4464
  2. HHS OIG Hotline: 1-800-HHS-TIPS (1-800-447-8477) or tips.hhs.gov
  3. 1-800-MEDICARE: report directly to Medicare
  4. Palmetto GBA Program Integrity: through palmettogba.com
  5. CGS Administrators DME MAC Program Integrity
  6. FBI Atlanta: 404-679-9000
  7. U.S. Attorney's Office (one of Georgia's federal districts)
  8. Georgia Medicaid Fraud Control Unit (for Medicaid-related fraud)
  9. Federal Trade Commission: reportfraud.ftc.gov or IdentityTheft.gov for identity theft
  10. Qui tam attorney: for individuals with insider knowledge of provider fraud who wish to file an FCA whistleblower suit

Reports may be made anonymously. SMP counselors will help beneficiaries identify whether a claim is suspicious and assist with reporting.

Beneficiary Protections

Federal law protects Medicare beneficiaries in several ways:

  • MBI Confidentiality: Medicare Beneficiary Identifiers were created specifically to reduce identity theft following the mid-2010s data breach landscape. Beneficiaries should treat the MBI like a Social Security number.
  • Whistleblower Anti-Retaliation: FCA § 3730(h) protects employees who report fraud from retaliation.
  • Right to Appeal: Beneficiaries have appeal rights for any denied claim, including claims denied because the underlying provider was excluded.
  • Free SMP Counseling: GeorgiaCares SMP counselors are free and independent.
  • CMS Beneficiary Education: Medicare.gov and the Medicare & You handbook provide annual fraud awareness materials.

Provider Compliance Obligations

Medicare providers have substantial compliance obligations:

  • Provider Enrollment Screening: Under Section 6401 of ACA, providers undergo risk-based screening at enrollment and revalidation
  • Compliance Programs: Section 6401 of ACA made compliance programs mandatory; OIG has published compliance program guidance for many provider types
  • LEIE Screening: providers must check the OIG List of Excluded Individuals/Entities at hire and monthly
  • 60-Day Overpayment Refund: ACA Section 6402(a) requires refund of identified overpayments within 60 days
  • Self-Disclosure Protocol: OIG operates a Self-Disclosure Protocol for providers to disclose potential CMP/AKS violations with reduced penalties
  • CMS Self-Referral Disclosure Protocol (SRDP): separate CMS protocol for Stark Law disclosures

Failure to maintain compliance can lead to civil and criminal liability.

Worked Examples

Example 1: Fulton 70 — Genetic Testing Scam Call

A 70-year-old Atlanta beneficiary in Fulton County receives an unsolicited telephone call from a marketer offering "free cancer genetic screening — Medicare covers it." The caller asks for the beneficiary's MBI to "verify eligibility." The beneficiary, suspicious, declines and hangs up. She calls GeorgiaCares SHIP (1-866-552-4464). The SMP counselor confirms this is a known CGx fraud pattern, helps the beneficiary file a report to HHS OIG via 1-800-HHS-TIPS, and provides identity theft monitoring guidance through IdentityTheft.gov.

Example 2: DeKalb 75 — DMEPOS Brace Scheme

A 75-year-old DeKalb County beneficiary receives an unsolicited delivery of an orthotic back brace he never ordered. The package includes paperwork referencing a "telemedicine consultation" he doesn't recall. Two weeks later, his Medicare Summary Notice shows a $1,200 charge for the brace plus a physician evaluation fee. He calls SMP, who helps him dispute the charge with Medicare, refuse the delivery (with package returned), report the suspected fraud to HHS OIG, and document the case for potential identity theft monitoring.

Example 3: Cobb 68 — Telemedicine Kickback Case

A 68-year-old Cobb County beneficiary attends a community center "free Medicare screening" event. The "doctor" — appearing remotely via video — speaks with her for three minutes and orders genetic testing, a back brace, and a knee brace. Concerned, she shows the visit paperwork to her primary care physician at her next appointment. The PCP recognizes the marketing pattern, helps her dispute the orders with Medicare, and supports a report to HHS OIG. (Such schemes commonly result in DOJ Strike Force prosecutions.)

Example 4: Worth County 72 — Hospice Fraud

A 72-year-old beneficiary in Worth County (rural south Georgia) is approached by a marketer offering "free in-home services and supplies through hospice." The marketer pressures enrollment in hospice care despite the beneficiary not having a terminal illness. The beneficiary's daughter, suspicious, calls GeorgiaCares SHIP. The SMP counselor explains that hospice enrollment requires a physician certification of terminal illness with prognosis of 6 months or less, that hospice election waives Medicare coverage of curative treatment for the terminal condition, and that the marketing pattern is consistent with prosecuted hospice fraud cases. The daughter helps her father disenroll from hospice and file a fraud report with HHS OIG.

Example 5: Bibb 80 — Home Health Sham Face-to-Face

An 80-year-old Bibb County beneficiary signs a face-to-face encounter form presented by a home health agency marketer who claims to be a "physician's assistant" but never actually examines him. Two months later, his MSN shows extensive home health services he never received. SMP helps him compare the dates on the MSN with his actual visits, identify discrepancies, and report the suspected fraud. Pattern is consistent with prosecuted home health F2F fraud schemes.

Example 6: Hall 67 — Reporting Fraud Through SMP

A 67-year-old Hall County beneficiary notices on her MSN that Medicare paid $4,500 for a genetic test labeled "hereditary cancer panel" that she does not recall ever taking. She calls GeorgiaCares SHIP (1-866-552-4464). The SMP counselor walks her through the MSN line by line, helps her contact the billing lab to request the underlying order documentation, helps file a fraud report to HHS OIG, and provides identity theft monitoring guidance. The lab's response (or non-response) becomes evidence in a federal fraud investigation.

Best Practices

  1. Review every Medicare Summary Notice (MSN) and Explanation of Benefits (EOB) — quarterly MSN review is the single most effective beneficiary fraud detection tool.
  2. Never give your Medicare number (MBI) to unsolicited callers — Medicare, SSA, and CMS never call asking for the MBI.
  3. Never give your MBI in exchange for "free" services — there are no free items contingent on giving the MBI.
  4. Use the GeorgiaCares SMP at 1-866-552-4464 for any suspicious activity — free, independent, confidential.
  5. Check that any DMEPOS supplier is enrolled in Medicare and has a legitimate prescription from your treating physician before accepting delivery.
  6. Refuse and return unsolicited DMEPOS deliveries — accepting unsolicited items can complicate fraud disputes.
  7. Be skeptical of community-based "free Medicare screening" events that involve telehealth visits with unknown providers ordering tests/equipment.
  8. Verify that providers are enrolled in Medicare — check Medicare.gov physician/provider lookup tools.
  9. Keep your own appointment and treatment log for comparison with MSNs.
  10. Report suspected fraud promptly — early reports help OIG identify and stop schemes affecting many beneficiaries.
  11. Use HHS OIG Hotline 1-800-HHS-TIPS for direct federal reporting.
  12. Use IdentityTheft.gov (FTC) if your MBI may have been compromised.
  13. For providers: maintain a compliance program with LEIE screening, monthly OIG list checks, and provider enrollment compliance.
  14. For providers: respect the 60-day overpayment refund clock under ACA Section 6402(a).

Common Issues

  1. Confusion between Medicare beneficiary fraud (against the program) and Medicare scam-victim status (against the beneficiary) — most fraud schemes use beneficiaries' identifiers; beneficiaries are not perpetrators when their MBI is misused.
  2. Beneficiaries hesitate to report out of fear of being accused — SMP counselors emphasize that reporting suspected fraud is encouraged, not penalized.
  3. Identity theft after MBI compromise — even after a scheme is reported, the MBI may continue to be misused; monitoring MSNs is essential.
  4. MBI replacement after compromise — CMS does not routinely replace MBIs after identity theft; in limited compromise cases, CMS may issue a new MBI.
  5. DMEPOS unsolicited delivery confusion — beneficiaries sometimes accept and use items thinking they are "free," not realizing Medicare is being billed.
  6. Telemedicine consult confusion — beneficiaries may not realize that a brief telehealth visit was used to "order" equipment they didn't need.
  7. Provider self-referral compliance complexity — Stark Law exceptions are technical; small practices often need legal review of arrangements.
  8. AKS safe harbor over-reliance — failing a safe harbor doesn't mean an arrangement is illegal, but it requires totality-of-circumstances analysis.
  9. FCA qui tam timing — relators must file under seal with proper procedure; failure to follow process can forfeit the qui tam award.
  10. 60-day overpayment clock counting — the clock starts when overpayment is identified, not when investigation is complete; providers must move quickly.
  11. LEIE screening gaps — failing to check the OIG exclusion list at hire and monthly thereafter exposes employers to CMP liability.
  12. Provider compliance program standards — what counts as a "compliance program" varies by provider type; OIG guidance applies.
  13. Cross-state telemedicine licensing in fraud schemes — many fraud schemes involve providers licensed in one state ordering for beneficiaries in another, creating cross-state enforcement complexity.
  14. Reporting through SMP vs. OIG direct — SMP is the preferred channel for beneficiaries; OIG is the direct channel; both are valid.

Frequently Asked Questions

Q1: How do I report suspected Medicare fraud in Georgia?

A: Call GeorgiaCares SHIP at 1-866-552-4464 (Senior Medicare Patrol) for free counseling and reporting assistance. Alternatively, call the HHS OIG Hotline at 1-800-HHS-TIPS (1-800-447-8477) or submit a tip at tips.hhs.gov. You may also call 1-800-MEDICARE. Reports may be anonymous.

Q2: What is the Senior Medicare Patrol (SMP)?

A: SMP is a federally funded beneficiary-facing program administered by the HHS Administration for Community Living that operates in every state. SMP educates Medicare beneficiaries about fraud detection and helps them report suspected fraud. In Georgia, SMP operates through GeorgiaCares SHIP.

Q3: Should I give my Medicare number to a caller offering free services?

A: No. Medicare, CMS, and the Social Security Administration never call asking for your Medicare Beneficiary Identifier (MBI). Treat your MBI like your Social Security number — give it only to your treating providers and the federal agencies you initiated contact with.

Q4: What is the Anti-Kickback Statute (AKS)?

A: The AKS at Section 1128B(b) of the Social Security Act (42 U.S.C. § 1320a-7b(b)) is a federal criminal felony prohibiting knowing and willful offering, paying, soliciting, or receiving any remuneration to induce or reward referrals of items or services payable by federal health care programs. Violations carry up to 10 years imprisonment, fines up to $100,000, exclusion, and FCA liability.

Q5: What is the Stark Law?

A: The Stark Law at Section 1877 of the Social Security Act (42 U.S.C. § 1395nn) is a federal civil prohibition on physician self-referral for designated health services to entities with which the physician has a financial relationship, absent a regulatory exception. Stark Law is strict liability — no intent is required.

Q6: What is the False Claims Act?

A: The federal False Claims Act (31 U.S.C. §§ 3729-3733), originally enacted in 1863 as Lincoln's Civil War contractor fraud law, prohibits knowing submission of false or fraudulent claims to the federal government. Penalties include treble damages plus per-claim civil penalties. The FCA includes qui tam whistleblower provisions allowing private parties to sue on behalf of the United States.

Q7: What are the FCA qui tam whistleblower provisions?

A: Under 31 U.S.C. § 3730(b), a private individual ("relator") may file an FCA suit on behalf of the United States. The complaint is filed under seal in federal court. The government investigates and decides whether to intervene. If the government intervenes, the relator typically recovers 15-25% of any recovery. If the government declines and the relator proceeds, the relator typically recovers 25-30%.

Q8: What is the Health Care Fraud and Abuse Control (HCFAC) Program?

A: HCFAC was created by Section 1128C of the Social Security Act, added by HIPAA 1996 (Public Law 104-191, August 21, 1996). It provides dedicated funding for federal Medicare and Medicaid fraud enforcement and coordinates HHS-DOJ anti-fraud efforts. HCFAC publishes an annual report to Congress.

Q9: What is the Medicare Fraud Strike Force?

A: The Medicare Fraud Strike Force is a DOJ/HHS OIG joint task force model first deployed in Miami in 2007 that uses data analytics to identify and prosecute organized Medicare fraud schemes. Strike Force operations run in more than a dozen cities including Atlanta.

Q10: What is the most common Medicare fraud scheme affecting Georgia beneficiaries?

A: In the 2020s, genetic testing fraud (CGx schemes) and DMEPOS fraud (orthotic braces, urinary catheters, CGMs) have been the most prevalent schemes targeting Georgia Medicare beneficiaries — often executed through unsolicited telemarketing calls and fly-by-night telemedicine consults.

Q11: What is HHS OIG?

A: The HHS Office of Inspector General, established by the Inspector General Act of 1978, is the principal federal civil enforcement authority for Medicare and Medicaid fraud. OIG executes exclusions, imposes civil monetary penalties, conducts audits, and refers criminal cases to DOJ. OIG operates an Atlanta Regional Office covering the Southeast.

Q12: What is the HHS OIG List of Excluded Individuals/Entities (LEIE)?

A: The LEIE is HHS OIG's list of individuals and entities excluded from participation in Medicare, Medicaid, and other federal health care programs. Providers must screen the LEIE at hire and monthly thereafter for all employees and contractors. The LEIE is available at oig.hhs.gov.

Q13: What is the HHS OIG Self-Disclosure Protocol?

A: OIG operates a Self-Disclosure Protocol that allows providers to voluntarily disclose potential CMP, AKS, or other violations to OIG with reduced penalties. CMS operates a parallel Self-Referral Disclosure Protocol (SRDP) for Stark Law disclosures.

Q14: What is ACA Section 6401?

A: Section 6401 of the Patient Protection and Affordable Care Act of 2010 (Public Law 111-148, March 23, 2010) strengthened Medicare provider enrollment requirements — risk-based screening, fingerprint-based background checks for high-risk categories, site visits, application fees, revalidation, and temporary enrollment moratoria authority. Section 6401 also made compliance programs mandatory.

Q15: What is ACA Section 6402?

A: Section 6402 of ACA expanded program integrity authorities — including the 60-day overpayment refund requirement (codified at 42 U.S.C. § 1320a-7k(d)) and the AKS-FCA linkage (any claim resulting from an AKS violation is a false claim for FCA purposes).

Q16: What is the 60-day overpayment refund rule?

A: Under ACA Section 6402(a), Medicare providers must report and return identified overpayments within 60 days of identification. Failure to refund creates FCA liability under the "reverse false claim" provision (31 U.S.C. § 3729(a)(1)(G)) added by FERA 2009.

Q17: What are Unified Program Integrity Contractors (UPICs)?

A: UPICs are contractors that perform fraud, waste, and abuse investigation work for CMS. UPICs operate in five regional jurisdictions. The Southeast UPIC covers Georgia and most southeastern states. UPICs investigate suspected fraud, conduct audits, perform data analysis, educate providers, and refer cases to law enforcement.

Q18: Who is the Part A/B Medicare Administrative Contractor (MAC) for Georgia?

A: Palmetto GBA is the Part A/B MAC for Jurisdiction J (Alabama, Georgia, Tennessee). Palmetto processes Medicare Part A and Part B claims for Georgia providers and conducts claim-level program integrity work.

Q19: Who is the DME MAC for Georgia?

A: CGS Administrators is the Durable Medical Equipment MAC for Jurisdiction C (which includes Georgia and 15 other states). CGS processes DMEPOS claims and conducts DME-specific program integrity work.

Q20: Are Medicare beneficiaries ever prosecuted for fraud?

A: Very rarely, and only when the beneficiary is a knowing co-conspirator (e.g., providing the MBI in exchange for kickbacks). The overwhelming pattern is that beneficiaries are victims whose MBIs are misused by perpetrators — not perpetrators themselves. Beneficiaries should never hesitate to report suspected fraud out of fear of self-incrimination for using a stolen MBI.

Q21: What is identity theft involving Medicare?

A: Medicare identity theft occurs when a perpetrator uses a Medicare beneficiary's MBI to bill Medicare for items or services that were never delivered to the beneficiary or were delivered to someone else. Identity theft is reportable to HHS OIG, FTC (IdentityTheft.gov), and credit bureaus.

Q22: What is the difference between Medicare and Medicaid fraud enforcement?

A: Medicare fraud enforcement is primarily federal (HHS OIG, DOJ, MACs, UPICs). Medicaid fraud enforcement involves both federal and state authorities — including state Medicaid Fraud Control Units (MFCUs). Georgia's MFCU is housed in the Office of the Attorney General. Dual eligible beneficiary fraud often involves coordinated investigations.

Q23: How can I check whether a Medicare provider has been excluded?

A: Search the HHS OIG List of Excluded Individuals/Entities (LEIE) at oig.hhs.gov/exclusions. The LEIE is updated monthly and is freely searchable.

Q24: Can I sue a provider for Medicare fraud as a whistleblower?

A: Yes — under the False Claims Act qui tam provisions (31 U.S.C. § 3730(b)), individuals with non-public knowledge of fraud against the federal government may file a sealed FCA complaint as a relator. Consult a qui tam-experienced attorney. Note that FCA qui tam suits have strict procedural requirements including filing under seal, serving the United States, and timing rules.

Q25: Why does Medicare fraud protection matter for Georgia beneficiaries?

A: Medicare fraud costs Georgia beneficiaries directly through identity theft, indirectly through Medicare Trust Fund losses (raising Part B premiums and threatening program solvency), and harm to legitimate providers. Every Georgia beneficiary can play a role by reviewing MSNs and EOBs, protecting the MBI, and reporting suspected fraud to GeorgiaCares SMP at 1-866-552-4464.

Call to Action — Contacts and Resources

If you suspect Medicare fraud, your information has been compromised, or you need help reviewing a Medicare claim:

  1. GeorgiaCares SHIP (Senior Medicare Patrol): 1-866-552-4464 — free, confidential SMP counseling
  2. HHS OIG Hotline: 1-800-HHS-TIPS (1-800-447-8477) or tips.hhs.gov
  3. Medicare: 1-800-MEDICARE (1-800-633-4227) — Medicare.gov
  4. Palmetto GBA Part A/B MAC: 1-866-238-9650 (provider line) / 1-855-696-0705
  5. CGS Administrators DME MAC — cgsmedicare.com
  6. FBI Atlanta Field Office: 404-679-9000
  7. U.S. Attorney's Office Northern District of Georgia — Atlanta
  8. U.S. Attorney's Office Middle District of Georgia — Macon
  9. U.S. Attorney's Office Southern District of Georgia — Savannah
  10. Georgia Attorney General Consumer Protection: 404-651-8600
  11. Georgia Medicaid Fraud Control Unit (via Georgia AG)
  12. Medicare Rights Center: 1-800-333-4114
  13. Atlanta Legal Aid: 404-377-0701
  14. Georgia Legal Services: 1-800-498-9469
  15. FTC IdentityTheft.gov — identity theft recovery plan
  16. Federal Trade Commission: reportfraud.ftc.gov
  17. Identity Theft Resource Center: 1-888-400-5530

For every Georgia Medicare beneficiary, Medicare fraud protection begins with the same basic practices: protect your MBI, review your MSN/EOB quarterly, be skeptical of unsolicited calls and "free" offers, and use SMP for free help. For providers, compliance programs, LEIE screening, the 60-day overpayment rule, and adherence to AKS and Stark are non-negotiable.

The federal anti-fraud framework — Section 1128, the False Claims Act, the Anti-Kickback Statute, the Stark Law, HIPAA's HCFAC Program, ACA Section 6401 — exists to protect the Medicare program and the more than 1.7 million Georgians who depend on it. Reporting suspected fraud is how every Georgia beneficiary contributes to that protection.

BC

Brevy Care Team

Expert eldercare guidance from Brevy's team of healthcare professionals and researchers.