What Does ‘Billing for Services Not Delivered’ Look Like in Real Cases?

In my twelve years working between healthcare compliance and legal writing, I have learned one absolute truth: federal investigators rarely stumble upon fraud by accident. By the time an agent knocks on the door, they have usually spent months—or years—reviewing data that makes your billing patterns look, statistically speaking, impossible.

image

“Billing for services not delivered,” often referred to in the industry as phantom billing, is the most straightforward yet most damaging allegation a practice can face. It is not always the result of a malicious scheme to steal money. Sometimes, it’s the result of lazy documentation, auto-populating Electronic Health Records (EHR) templates, or poor communication between the front desk and the billing department. Regardless of intent, the 2026 Medicaid fraud enforcement escalation is changing how regulators view these gaps. They no longer care if you "meant" to do it; they care about the mismatch between the claim and the patient record.

The Anatomy of a Phantom Billing Case

Phantom billing sounds like a high-level conspiracy, but in practice, it usually manifests in mundane, traceable errors. When we look at actual enforcement actions, the “crime” often looks remarkably like a documentation failure. Let’s look at two concrete examples of how this plays out.

Example 1: The "Auto-Populated" Note

A primary care clinic used an EHR system where clicking "Comprehensive Exam" automatically populated a template with 15 different elements, including a review of systems and physical examination findings. However, the providers were seeing 40 patients a day and weren't actually performing all 15 elements for every patient.

When the Centers for Medicare & Medicaid Services (CMS)—the federal agency that oversees the Medicare and Medicaid programs—ran their data analytics, they flagged this clinic for having a 100% documentation match rate. Statistically, it is impossible for every single patient to have the exact same clinical findings. The "service delivered" was recorded, but the service documented did not match the physical reality of the visit. The result? A massive clawback for claims review Medicaid audits.

image

Example 2: The No-Show Trap

A therapy group had a policy where they billed for a session if a patient canceled within 24 hours. They coded these as billable therapy sessions. The problem? You cannot bill a federal program for a service that was not rendered. The State Medicaid Integrity Contractors (SMIC)—the organizations contracted by state governments to audit Medicaid providers—compared the clinic's billing logs against the physical sign-in sheets at the front desk. They found dozens of "sessions" billed for patients who were confirmed to be at work, school, or otherwise absent. The clinic viewed this as a business practice; the government viewed it as systemic phantom billing.

How CMS Data Analytics Changes the Game

Years ago, audits were primarily retrospective—someone would tip off the government, and they would dig. Today, CMS data analytics allows for proactive, real-time monitoring. These platforms ingest massive data sets from across the country to identify billing anomaly flags.

If your clinic is the only one in a 50-mile radius billing for high-level complex care management for every single patient interaction, you are going to trigger a flag. These systems look for:

    Unusual billing frequencies: Doctors billing 30 hours of work in a 24-hour day. Documentation mismatch: EHR notes that are identical for different patients. Geographic outliers: Billing for services that are statistically incongruent with local population health data.

The 2026 Escalation: Why Federal Funding Matters

As we head into 2026, the enforcement environment is shifting. We are seeing a concerted effort to tighten the strings on federal funding provided to state programs. The federal government uses this money as leverage, conditioning ongoing financial support on the state’s ability to prove they are actively policing their own networks.

Because the states are under pressure to show results, they are outsourcing more of this work to State Medicaid Integrity Contractors (SMICs). These contractors are paid to find issues. They are not looking for "nuance." They are looking for hard evidence that a claim is invalid. When a SMIC flags a practice, the first step is often a payment pause or a reimbursement deferral. This is not a "negotiation" phase; it is a liquidity crisis for the provider while the government verifies the data.

Don't "Just Cooperate"—Understand the Risk

You will hear consultants say, "Just cooperate with the auditors, and everything will be fine." This is dangerous advice. "Cooperating" without a strategy can be the fastest way to admit to things you didn't actually do.

When you receive a notice of a claims review Medicaid action, your first step is public fact-checking of your Medicaid coverage 69 million people statistics own data. Before you send a single record to a SMIC, you must reconcile your billing records with your clinical notes. If there is a discrepancy, you need to understand *why* it exists before you explain it to an investigator. If you don't know the reason, don't guess. Vague explanations provided in the heat of an audit are frequently used against you in subsequent False Claims Act proceedings.

Compliance Checklist: Preparing for 2026

Use this checklist to audit your own processes before an external agent does it for you.

Review EHR Templates: Are your templates auto-populating information that you aren't actually assessing? If so, turn off the auto-fill functions immediately. Verify Sign-In Sheets vs. Claims: Perform a random sample of 20 patients from the last quarter. Compare the physical sign-in time/date to the claim submitted. Check Your Outlier Status: Request your practice’s billing profile from your billing software vendor to see how you compare to national benchmarks. Establish a "No-Bill" Policy: Ensure your staff knows explicitly that a "no-show" or "canceled appointment" is never to be coded as a face-to-face service. Documentation Audit: Have a third party—not the person who wrote the notes—read a set of notes to see if they can identify the patient's specific condition based *only* on the documentation. If the note is generic, the service is "phantom" in the eyes of an auditor.

Quick Reference Table: The Enforcement Lifecycle

Phase What is Happening Provider Action Data Mining CMS/SMIC software flags your billing patterns as outliers. Run internal benchmark reports. Trigger/Flag An anomaly flag is generated for a specific code or provider. Perform a pre-audit of 10-20 charts. Request for Records The SMIC requests clinical documentation for specific dates. Legal review of records before disclosure. Audit Findings The SMIC identifies a documentation mismatch or phantom billing. Draft a formal response with counsel. Resolution Payment deferral or formal settlement. Monitor future billing compliance.

Final Thoughts

The goal of compliance is not to achieve perfection—it is to achieve accuracy. In 2026, the government has the tools to see the disconnect between your billing claims and your reality. The difference between a routine audit and a nightmare legal case often comes down to how well you understand the data you are submitting. Stop relying on automated templates and start verifying your clinical documentation. It is the cheapest insurance policy your practice will ever buy.