DOJ's New West Coast Health Care Fraud Strike Force: What Digital Health Companies Need to Know

From the West Coast Healthcare Desk

The U.S. Department of Justice's (DOJ) National Fraud Enforcement Division announced the formation of the West Coast Health Care Fraud Strike Force, a multidistrict initiative uniting the Division's Health Care Fraud Section with the U.S. Attorney's Offices for the districts of Arizona, Nevada and Northern California. Though this announcement carries implications for the entire healthcare industry, digital health companies – particularly those operating in or connected to Northern California – face a uniquely heightened enforcement risk that demands immediate attention from boards, compliance teams and outside counsel.

Why Digital Health Is Squarely in the Crosshairs

The DOJ's announcement is notable not just for what it does, but for what it signals. Craig Missakian, the U.S. Attorney for the Northern District of California, explicitly stated that "Silicon Valley has become ground zero for technology-driven health care fraud schemes that seek to cheat taxpayer-funded programs like Medicare." This reflects a deliberate strategic framing of digital health innovation corridors as fraud hotspots requiring dedicated federal resources.

The Strike Force's formation was driven, in DOJ's words, by "data showing a significant and accelerating increase in health care fraud across all three districts." That the Northern District of California was described as "one of the nation's most significant health care technology hubs" signals that DOJ may subject health tech startups, telehealth platforms and artificial intelligence (AI)-enabled care delivery models to enhanced scrutiny.

The Data-Driven Enforcement Model and What It Means for Digital Health

The Strike Force model is fundamentally a data analytics operation. U.S. Department of Health and Human Services (HHS) Office of the Inspector General (OIG) Acting Deputy Inspector General Scott Lampert stated that the Strike Force utilizes "a coordinated and data-driven approach to identifying, investigating and prosecuting fraud." He further warned, "many of these schemes are driven by sham operations designed to appear legitimate while exploiting patients and inflating claims through increasingly sophisticated methods."

For digital health companies, this data-driven approach carries particular significance. Companies that operate at scale – processing thousands of patient encounters, prescriptions or claims through automated systems – generate precisely the type of billing pattern data that analytics can flag. Unusual geographic patient distributions, outlier volumes, rapid patient acquisition curves and high rates of certain billing codes are all patterns that a data-driven Strike Force is designed to detect.

The DOJ reported that the Health Care Fraud Section has demonstrated an average return on investment of $106.76 per $1 spent over a 10-year period (fiscal years 2021 to 2024), with more than $4.5 billion in projected savings. These numbers reflect a self-sustaining enforcement machine with powerful financial incentives to pursue high-dollar, technology-enabled fraud cases.

The Corporate Disclosure Dimension

Notably, the DOJ's announcement references the department's corporate enforcement policy for criminal matters, which "creates incentives for companies to voluntarily disclose when misconduct occurs." Digital health companies – many of which are venture-backed, pre-initial public offering or recently public – must carefully consider the interplay between this disclosure policy and their obligations to investors, boards and regulatory bodies. The decision of whether and when to self-disclose potential compliance failures has become significantly more consequential in light of a dedicated Strike Force with resources specifically allocated to the digital health sector.

The Multiagency Threat

The Strike Force is not a DOJ-only initiative. It operates in partnership with the HHS OIG, FBI, U.S. Drug Enforcement Administration (DEA) and other law enforcement partners. DEA Assistant Administrator Cheri Oz specifically warned that "medical professionals who divert controlled substances, like Adderall or Xanax" will face enforcement action. For digital health companies operating in the telehealth prescribing space, this multiagency coordination means that a single compliance gap could trigger simultaneous investigations from multiple federal agencies with overlapping but distinct jurisdictional authorities.

Practical Implications and Recommended Actions

Digital health companies should consider the following steps in light of this enforcement expansion:

• Reassess Compliance Infrastructure Relative to Growth Velocity. The prosecutions cited by the DOJ share a common feature: technology companies that scaled rapidly while compliance programs lagged behind. Companies should ensure that their compliance investment is proportional to their billing volume and patient acquisition rate.
• Audit Prescribing Practices and Controlled Substance Protocols. The repeated emphasis on Adderall distribution and controlled substance diversion reflects a clear DOJ priority. Companies in the telehealth prescribing space should conduct privileged internal reviews of their prescribing volumes, clinical oversight mechanisms and patient eligibility verification processes.
• Evaluate Platform Liability Exposure. One prosecution discussed in the press release demonstrates that technology platforms can face criminal liability for enabling fraudulent billing, even when the platform operator is not the direct billing party. Companies that provide software, ordering systems or claims processing infrastructure should review their exposure under theories of conspiracy, aiding and abetting, and the Anti-Kickback Statute.
• Consider the Voluntary Disclosure Calculus. The DOJ's explicit reference to the corporate enforcement policy's disclosure incentives, combined with a dedicated regional Strike Force, could change the risk-reward analysis for self-disclosure. Companies that have identified potential compliance issues should engage experienced white-collar counsel to evaluate whether voluntary disclosure is advisable before the Strike Force identifies the issue through its own data analytics.
• Monitor Arizona and Nevada Exposure. The DOJ specifically noted the "migration of fraud schemes to Arizona and Nevada." Digital health companies with patient populations, provider networks or operational infrastructure in these states face heightened scrutiny, as the Strike Force has identified these jurisdictions as destinations for schemes seeking to evade enforcement in more established markets.

Conclusion

The formation of the West Coast Health Care Fraud Strike Force represents more than a routine enforcement expansion. As the announcement notes, the Strike Force model is "one of the most powerful tools in the federal enforcement arsenal," and the focus on the Northern District of California as a "significant health care technology hub" suggests that the next generation of major healthcare fraud prosecutions could center on digital platforms, telehealth companies and health tech startups. Companies operating in this space should treat this announcement as a clear signal that the enforcement environment has fundamentally changed and ensure that they are prepared for additional enforcement scrutiny by internally assessing their compliance and anti-fraud initiatives.

For questions, please contact the authors.

Information contained in this alert is for the general education and knowledge of our readers. It is not designed to be, and should not be used as, the sole source of information when analyzing and resolving a legal problem, and it should not be substituted for legal advice, which relies on a specific factual analysis. Moreover, the laws of each jurisdiction are different and are constantly changing. This information is not intended to create, and receipt of it does not constitute, an attorney-client relationship. If you have specific questions regarding a particular fact situation, we urge you to consult the authors of this publication, your Holland & Knight representative or other competent legal counsel.