The AI enforcement era is here, with Pat Naples, J.D., of ArentFox Schiff

CMS's latest antifraud actions — withholding Medicaid funds from Minnesota, freezing enrollment for certain durable medical equipment suppliers and launching the CRUSH initiative — signal a broader shift in how the federal government plans to police health care fraud. In this episode, Pat Naples, J.D., senior associate at ArentFox Schiff, walks through the legal authority behind each of those actions and explains what the move from "pay and chase" to AI-driven real-time fraud detection means for physician practices. 

Naples covers what rights physicians actually have when payments are flagged or withheld, why CMS has near-total immunity even if an AI system makes a mistake, and why the Minnesota action is a warning shot for state-level enforcement everywhere. He also lays out a practical compliance roadmap for small practices without dedicated staff.

Music Credits:
Midnight Serenade by MORRIX Holyhold - stock.adobe.com
A Textbook Example by Skip Peck - stock.adobe.com

Editor's note: Episode timestamps and transcript produced using AI tools.

0:00 – 0:25 | Sponsor message Copic Medical Liability Insurance.

0:25 – 0:46 | Cold open Naples previews the episode's bottom line: health care fraud enforcement is not going away, and providers need to be vigilant on the front end.

0:46 – 1:42 | Introduction Austin Littrell introduces the episode and previews the conversation with Naples.

1:42 – 2:43 | Meet Pat Naples and ArentFox Schiff Naples describes his practice — health care fraud enforcement, compliance and managed care litigation — and ArentFox Schiff's national footprint.

2:43 – 5:52 | The legal basis behind CMS's three-part crackdown Naples walks through the distinct legal authority behind each action: the Social Security Act for the Minnesota funding withholding, the Affordable Care Act for the DME enrollment moratorium, and broad government rulemaking authority for the CRUSH request for information. He explains how the moratorium and CRUSH initiative work in tandem — one freezing new enrollment, the other seeking longer-term solutions.

5:52 – 7:17 | Legal guardrails on AI-driven fraud detection Naples identifies the two primary guardrails on the "detect and deploy" approach: a credible allegation of fraud must exist before funds are withheld, and CMS must follow procedural notice requirements. He notes that both are largely within the agency's own discretion in practice.

7:17 – 9:00 | Can an AI flag alone justify withholding payment? Naples explains that claims data mining has been part of federal health care regulations since 2011 — this isn't new. He says regulators typically look for large outliers across the data set, not single anomalous claims, though circumstances and provider profile both factor in.

9:00 – 12:13 | What physicians can do when payments are withheld Naples walks through the appeals path: a written rebuttal statement, then administrative review, then judicial review — a process he acknowledges can be slow. He stresses that providers should be monitoring their own claims data proactively, and that voluntary self-disclosure under the new policy can reduce penalties significantly if issues are caught early.

12:13 – 13:02 | P2 Management Minute Keith Reynolds shares practice management tips and invites listeners to submit their own workflow ideas.

13:02 – 14:48 | What the Minnesota action signals for other states Naples says the federal government's message is clear: states that aren't sufficiently vigilant about fraud will face intervention. He expects a meaningful uptick in state-level enforcement activity, pointing to Texas Attorney General Ken Paxton's aggressive pursuit of pharmaceutical companies as an early indicator.

14:48 – 17:35 | What the DME moratorium means for referring physicians Naples advises practices that refer patients to DME suppliers to scrutinize those relationships now — ensuring referral agreements fall within CMS safe harbors. Even practices that aren't targets of an investigation can be pulled in as witnesses, which requires responding to subpoenas, producing documents and making staff available for interviews.

17:35 – 18:39 | Other enforcement developments to watch Naples flags three: DOJ's new uniform corporate enforcement policy, a new joint HHS-OIG-DOJ task force, and the creation of a National Fraud Enforcement Division — all signals of increased focus and resources devoted to fraud, waste and abuse.

18:39 – 22:17 | Compliance risks that keep coming up at small practices Naples identifies the three most common compliance vulnerabilities: referral relationships and Anti-Kickback Statute exposure, documentation gaps around medical necessity, and inadequate cybersecurity resources. He notes HIPAA compliance has grown more complicated as cyber threats have multiplied.

22:17 – 23:48 | A compliance roadmap for practices without dedicated staff Naples outlines four practical steps: identify your high-risk areas first; implement proper training, including onboarding and annual compliance education; conduct basic monitoring of referral relationships and billing; and build a relationship with outside counsel or compliance consultants before an enforcement action forces the issue.

23:48 – 25:40 | Telehealth scrutiny and the big picture Naples closes with a warning about rising telehealth enforcement activity stemming from pandemic-era proliferation. He also pushes back on the idea that this is something new — health care fraud enforcement has been escalating consistently across administrations, and that trend is not going to change.

25:40 – 26:40 | Outro Littrell thanks listeners and reminds the audience to subscribe and visit MedicalEconomics.com and PhysiciansPractice.com.