Telemedicine is no longer a pandemic stopgap, it’s a permanent care channel. That scale has also attracted organized fraud rings that generate false claims through scripted virtual encounters, sham referrals, or mass-ordering of devices and tests. In June 2025, U.S. agencies announced the largest healthcare fraud takedown in DOJ history, charging 324 defendants and highlighting telemedicine and genetic-testing schemes among the biggest drivers of the alleged $14.6B in intended losses.
New Fraud Patterns You’re Likely to See
- Telemedicine “cartels” that create sham telehealth companies, purchase patient leads, and run rapid-fire virtual ‘visits’ to justify medically unnecessary orders—especially genetic tests and DME—then sell claims pipelines across multiple billing IDs to avoid detection. Recent enforcement actions cite 49 telehealth-related defendants tied to $1.17 billion in claims.
- Remote Patient Monitoring (RPM) billing abuse is another rising integrity risk, with rapid growth as a fraud vector, and a need for tighter oversight, including enrollment, time thresholds, and medical necessity documentation. Small practices that outsource RPM are particularly exposed to vendor-driven overbilling.
- Controlled-substance tele-prescribing scams are also in the mix. 2024 prosecutions against a digital health company demonstrated how lax workflows and volume-driven models can lead to fraud, insurer losses, and patient safety risks.
Why Smaller Providers are Targeted
Fraud rings look for practices with lean compliance staffing, rapidly changing telehealth vendors, and fragmented documentation across EHR, telehealth, and billing systems. These environments make it easier to insert unauthorized orders, “incident-to” claims without supervision proof, or RPM time logs that don’t match encounter data. Centers for Medicare and Medicaid Services (CMS) has urged stronger program-integrity controls across the board, reinforcing that documentation and vendor oversight must match the risk profile of virtual care.
Red Flags Inside Your Workflows
- Exploding order volume for DME, genetic tests, or RPM devices following a new vendor or “marketing partner.”
- Copy-paste clinical notes supporting identical medical necessity across many patients and providers.
- Inconsistent RPM timestamps encounter logs or staff schedules.
- Third-party outreach impersonating payers or “fraud investigators” requesting PHI or access—an active social-engineering vector in 2025.
Practical Controls That Actually Work
- Tighten vendor due diligence. Require BAAs, ownership disclosures, sample documentation, and attestation of medical-necessity criteria before sending a single referral. Conduct quarterly file reviews on any RPM, genetic, or DM partner.
- Link telehealth, HER, and billing metadata. Cross-check encounter duration, clinician identity, and diagnosis against ordered services to catch “visit-less” claims. (DOJ cases repeatedly cite orders without genuine encounters.)
- Build alerts into your claims process. Red flags include a sudden increase in services, unusual code combinations, or unfamiliar suppliers associated with your patients.
- Document like an auditor will read it. For RPM: device reason, baseline risk, patient consent, time thresholds, and action taken on data every month.
- Train staff on imposter tactics. Validate any “payer audit” outreach via known numbers and never act on links/texts from unsolicited messages.
LibertyID Business Solutions provides customer WISP protocols, advanced information security employee training, third-party vendor management tools, and post-breach regulatory response and notification services. This allows businesses to improve the safeguards surrounding their consumers’ private data and head toward a compliant posture in relation to the federal FTC and often overlooked state regulations. Along with the components mentioned, LibertyID Business Solutions includes our gold-standard identity fraud restoration management services for employees and their families.