BCL Consulting

CMS Enforcement & AI · Hospice and Home Health

CMS is using AI to audit
hospice and home health billing.

What the enforcement push means for agencies, and what it flags.

By Brooke Lemchak · June 24, 2026

Two things are happening at the same time, and they point at each other.

Your software vendors are putting AI into real decisions. Eligibility. Recertification. Length of stay. OASIS coding. Visit narratives. Some agencies have bought predictive tools that recommend who qualifies for care and for how long. Most of these tools are a black box. The agency cannot fully explain how a recommendation was reached, and there is no policy behind its use.

At the same time, CMS is using AI and predictive analytics to find billing that looks like fraud. The patterns it scores are the same ones a predictive tool can move you toward. An agency that quietly tunes its billing to a vendor's model can be tuning toward the exact patterns CMS watches for. When an auditor asks why a recertification was made, "the software recommended it" is not a defensible answer.

That is the gap. The vendor sells the tool. No professional association has issued guardrails for using it. CMS is reviewing the very decisions the tool influences.

This enforcement is already live

This is not a future problem. Here is what the last year looks like.

  • A nationwide enrollment moratorium on new hospice and home health agencies took effect in May 2026. It runs six months and can be extended. Existing providers keep billing, so for an established agency the point is the posture it signals. CMS is actively hunting these billing patterns.
  • CMS stood up a Fraud Defense Operations Center that uses AI and machine-learning models to flag claims for immediate audit. CMS reports $1.8 billion in payments suspended in 2025.
  • CMS reports $11.9 billion in potentially fraudulent payments prevented across fiscal years 2022 through 2024. Of that, $207 million was stopped by automated prepayment edits in fiscal year 2024 alone.
  • The largest health care fraud takedown on record came in June 2025. It named 324 defendants and alleged $14.6 billion. CMS suspended more than $4 billion in pending claims.
  • In four high-oversight states, 122 hospices had their billing privileges revoked as of June 2025.
  • OIG has found that roughly one-third of general inpatient hospice claims were billed in error.
  • In late 2025, CMS ran a public competition to build explainable AI that scores hospice claims for fraud. The direction of travel is not subtle.

A note on these numbers. The largest dollar figures are CMS's projected cost-avoidance estimates, not collected dollars. The moratorium blocks new enrollments and ownership-change applications, so a long-standing agency is not frozen out. The machine those figures describe is real, and it is pointed at this sector.

What CMS scores you on

CMS publishes a hospice scorecard called the Service and Spending Variation Index. It is built on claims patterns. Long length of stay. Live-discharge churn, including a patient discharged and then readmitted to the same hospice within a week. Curative spending while a patient is on hospice. Visit patterns across the week.

On the home health side, the flags are familiar. OASIS coding that lifts patients into higher-paying groups. Therapy use that drifts from what a patient's condition predicts. Visiting just enough to clear a payment threshold.

A predictive tool built to optimize any of these is, by design, a tool that walks you toward the patterns CMS is watching for. The agency carries the liability. The vendor does not.

Why a black-box tool is hard to defend

Two tools trained on the same patient data can disagree. A model trained on clinician certifications tends to predict eligibility. A model trained on auditor denials tends to restrict it. Same inputs, opposite recommendations. The agency owns whichever answer it billed on.

The harder problem is defensibility. Say AI informed a recertification, and the agency cannot explain the clinical basis. No model documentation. No record of where the data came from. No human reconciliation. There is nothing to put in front of a reviewer. If a tool cannot explain a recommendation, the agency cannot defend it.

The defensible position

The response is not a new regulatory regime, and it is not a software purchase. It maps to something every agency already owes under OIG guidance. The seven elements of an effective compliance program, applied to the AI tools you and your vendors are already running. A written policy. Oversight. Training. Auditing and monitoring. Prompt correction. The same obligations, pointed at the tools no one has governed yet.

In practice that means a few concrete things. A policy that treats AI as one input and never the final word on eligibility or coding. A clear rule that a clinician decides and documents the clinical basis, every time. An inventory of which tools touch a billable decision. A regular check on where your billing sits against the patterns CMS scores, so you catch the drift before an analytics model does.

Where I fit

I am a PhD clinician who has worked inside interdisciplinary care teams. I help hospice, home health, and palliative care agencies put governance around the AI they already use, written for the people who have to follow the policy. If any of this sounds like your agency, I am happy to talk it through.

AI Governance and CMS Fraud-Defense

From a written policy through a full tool-by-tool defensibility review you can hand an auditor. Fixed tiers, from $1,800. See what is included and what it costs.

View the tiers →

Related reading

Your staff are already using AI: the HIPAA risk →

Sources

CMS enrollment moratorium press release and survey memo (QSO-26-11); CMS Fraud Defense Operations Center fact sheet; GAO report GAO-26-107799 on CMS data analytics; DOJ June 2025 national health care fraud takedown; CMS hospice Service and Spending Variation Index; OIG report OEI-02-10-00491 on general inpatient hospice care; OIG General Compliance Program Guidance.