On January 21, 2026, the Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) released its Semiannual Report to Congress for the six-month period ending September 30, 2025 (“Report”). OIG’s enforcement actions during this period resulted in “the largest health care fraud takedown in the Department of Justice history, involving more than $14.6 billion in intended losses,” and improved the return on investment in OIG to $12.70 in expected recoveries and receivables (money agreed to be repaid to HHS) for every $1 spent. For a copy of the complete Report, click here.
Key Highlights
During the six-month period, OIG added $2.43 billion to its monetary impact, including $2.2 billion in investigative receivables, $82.2 million in audit and evaluation receivables and $147.4 million in potential cost savings. OIG also provided an overview of its oversight activity, including 145 audits covering $3.64 trillion in audited costs, 909 investigations completed, 1,336 individuals and entities excluded, 352 criminal actions and 481 civil actions.
Combating Health Care Fraud
- Criminal charges were brought against 96 physicians, nurse practitioners, pharmacists and other licensed medical practitioners.
- OIG stopped certain schemes before they escalated, including arrangements involving skin substitutes for wound care (over $10 billion spent annually) and remote patient monitoring (over $536 million in payments in 2024).
- The takedown exposed schemes involving durable medical equipment (“DME”), diagnostic testing, telemedicine, wound care and drug diversion.
- A DME marketing company caused the submission of more than $127 million in allegedly fraudulent claims due to violations of the Anti-Kickback Statute.
- A pharmaceutical company paid $202 million to resolve allegations that it paid kickbacks to health care practitioners in the form of honoraria payments, meals and travel expenses related to speaker events.
Strengthening Financial Integrity
- OIG reported on a range of program-specific improper payments, including recommending that the State of Wisconsin refund $12.2 million in improper payments related to services for autism and discovering $711.2 million in unallowable expenditures or inaccurately calculated lost revenues tied to the COVID-19 Provider Relief Fund.
- Through audits of Medicare Advantage organizations, OIG uncovered $6.9 million in overpayments to an insurance company over a two-year period.
- OIG estimated that Medicaid managed care organizations in New Jersey paid caregivers $197 million for services that were not provided consistent with federal and state requirements.
Protecting Patients from Harm
- OIG determined that hospitals failed to identify, investigate and report many patient harm events, including 49% of patient harm events involving Medicare patients.
- During a one-year period, 42,000 nursing home resident falls with major injury resulted in $800 million in associated costs, while 43% went unreported.
- Enforcement actions to curb grossly substandard care in nursing homes resulted in a $4.3 million civil settlement, a three-year conviction for a nurse, and a seven-year exclusion for an employee who sedated a patient to make the employee’s job easier.
Addressing Public Health Crises
- There were still close to 81,000 overdose deaths in 2024; OIG discovered that fewer than one in five Medicare enrollees received medications to treat opioid disorders.
- A pharmacy paid $350 million to settle False Claims Act and Controlled Substances Act violation allegations related to filling invalid prescriptions.
- An intensive outpatient treatment center paid $18.5 million to settle kickback and false claims allegations.
Advancing Excellence in HHS Programs
- OIG’s oversight of HHS programs included uncovering that bad actors were able to divert $7.8 million in grant funds because HHS’s Program Support Center did not have effective internal controls to report fraudulent activity.
Strengthening Cybersecurity
- HHS faces persistent cybersecurity threats; OIG found that the National Institutes of Health did not communicate the risks associated with maintaining patients’ genomic data as part of the All of Us Research Program.
- OIG learned that four cybersecurity contractors reported 10 cybersecurity events, but two of the contractors did not report the incidents to HHS within the required timeframe.
Practical Takeaways
Regulatory enforcement against health care organizations is at an all-time high, and the potential consequences for violations are significant, including steep financial penalties, exclusion from federal health care programs and criminal convictions and imprisonment.
To minimize potential risk and liability, it is essential for health care organizations to take a proactive approach. An effective compliance program must be in place to prevent, detect and appropriately address fraud and abuse, including any self-reporting that may be necessary.
If you have questions or would like additional information about this topic, please contact:
- Brandon Helms at (248) 457-7847 or bhelms@hallrender.com;
- Scott Taebel at (414) 721-0445 or staebel@hallrender.com;
- Alex Olesen at (303) 557-2116 or aolesen@hallrender.com; or
- Your primary Hall Render contact.
Hall Render blog posts and articles are intended for informational purposes only. For ethical reasons, Hall Render attorneys cannot—outside of an attorney-client relationship—answer specific questions that would be legal advice.
