Blog Post

Key Lessons for Healthcare Compliance: 5 Examples of Whistleblowing in the Workplace

October 2025

The Department of Justice (DOJ) retrieved nearly $3 billion in False Claims Act (FCA) settlements in 2024, based on almost 1,000 separate whistleblower reports. But what does this mean for healthcare compliance leaders—and what can you learn from these incidents?

This article explores five real-world examples of whistleblowing in the workplace to offer actionable insights that will help your organization protect its patients, reputation, and bottom line. 

Expect to learn:

  • How and why whistleblowers are protected under federal law
  • What one whistleblower exposed to generate a nearly $100 million settlement
  • Key steps compliance leaders must take to protect and encourage whistleblowers

Healthcare Whistleblowers: An Expert Overview

What is a Whistleblower?

Whistleblowers are employees, contractors, or vendors who bring to light ethical, regulatory, and safety concerns about behavior or practices within an organization. Whistleblowers play a critical role in protecting public safety and taxpayer dollars. Still, their decision to come forward often carries significant personal risk: they may face retaliation, job loss, or professional isolation. 

Despite these dangers, whistleblowers serve as essential checks against organizational misconduct, particularly in healthcare, where their disclosures can prevent patient harm and recover billions in fraudulent billing.

What Kind of Information Do Whistleblowers Expose?

Healthcare whistleblowers can expose a wide range of wrongdoing. The most common cases relate to: 

  • Fraudulent Billing: From charging for unnecessary treatments to billing government health programs for care that was never administered, these reports relate to the False Claims Act (FCA).
  • Patient and Employee Safety: From a lack of Personal Protective Equipment to understaffing, whistleblowers may report concerns that their employer is not adequately protecting staff or patients. These complaints could be filed via several different regulatory bodies, including the Occupational Safety and Health Administration (OSHA) or The Joint Commission (TJC).
  • Data Privacy and Security: Whistleblowers may draw attention to inadequate data safeguards, cybersecurity measures, or active breaches by their colleagues. The Health Insurance Portability and Accountability Act (HIPAA) generally enforces strict rules regarding the disclosure of protected health information (PHI). However, HIPAA contains a specific exemption that allows employees to share data without permission or proper authorization with their lawyers, provided the purpose is to gain legal advice about filing a complaint against their employer. 

Despite the protections in place through the FCA, HIPAA, and other rules, many whistleblowers still fear retaliation. 

Can Whistleblowers Be Identified?

Whistleblowers should not be identified personally against their wishes. Most individuals report misconduct anonymously or confidentially through internal hotlines, external regulatory bodies, or legal channels designed to protect their identity. The U.S. Sentencing Commission and Department of Justice guidelines promote anonymous reporting as essential to effective compliance programs, recognizing that anonymity encourages people to report serious misconduct.

However, this does not always provide proper protection. Whistleblowers’ identities may be revealed through court filings in False Claims Act cases, government investigations that narrow down possible sources, or organizational leaks that breach confidentiality. Once a whistleblower’s identity is exposed, the consequences can be severe.

Whistleblowers face substantial risks, including job loss, demotion, hostile work environments, and coordinated campaigns to discredit their allegations. These consequences create powerful deterrents that prevent many people from reporting misconduct, even when they witness serious violations.

The False Claims Act provides anti-retaliation provisions and financial incentives (15-30 percent of recovered funds) for those who expose fraud against government programs. State whistleblower laws and OSHA provisions offer additional protections, though enforcement often requires whistleblowers to endure years of legal battles before receiving vindication.

5 Real-Life Healthcare Whistleblower Cases 

Here are five real-life healthcare whistleblower cases, each illustrating how the False Claims Act and other mechanisms have been used to uncover fraud, neglect, or abuse in healthcare settings:

  1. Bay Area Whistleblower Partners vs. ReNew Health Group LLC

During the height of the COVID-19 pandemic, a California nursing home chain saw an opportunity to exploit emergency relief measures designed to help overwhelmed hospitals. ReNew Health Group LLC allegedly began billing Medicare for “skilled nursing care” whenever residents were simply near someone with COVID-19—even if those residents had no acute illness or treatment needs.

The case was brought to light by a group called Bay Area Whistleblower Partners. They exposed the scheme through the whistleblower provision in the False Claims Act—leading to widespread news coverage and a nearly $7 million settlement.

  1. Six Detroit Nursing Homes (VFS / VOI) 

For years, elderly and disabled residents in six Detroit-area nursing homes lived in facilities that allegedly failed to meet basic care standards—yet the operators continued billing Medicare and Medicaid as if they were providing quality care. Residents faced severe understaffing, inadequate infection control, improper fall prevention, and neglected daily living needs, including toileting assistance.

When whistleblowers known as Detroit Integrity Partners exposed these systematic failures, the nursing homes’ owners—Villa Financial Services LLC (VFS) and Villa Olympia Investment LLC (VOI)—faced significant repercussions. The story gained widespread media attention, and ultimately led to a $4.5 million settlement in 2025.

  1. Guardian Elder Care Holdings

Rehabilitation therapy should help patients recover—but what happens when financial targets drive treatment decisions instead of medical need? Guardian Elder Care Holdings, operating over 50 nursing facilities across Pennsylvania, Ohio, and West Virginia, allegedly billed Medicare at the highest reimbursement levels regardless of whether patients actually needed such intensive therapy.

Two former Guardian employees, Phillipa Krause and Julie White, exposed this widespread fraud before Guardian Elder Care itself made a voluntary disclosure that it had employed two excluded individuals. This decision was strongly lauded, though the case still led to a $15.4 million settlement, with the whistleblowers receiving approximately $2.8 million for their role in uncovering the misconduct.

  1. Teresa Ross vs. Medicare Advantage Insurer

One New York-based health insurance company found a lucrative loophole: by mining patient medical records and adding diagnosis codes that exaggerated how sick patients were, they could dramatically increase their payments from Medicare Advantage. The scheme allegedly involved adding diagnoses such as “major depressive disorder” for patients described as having an “amazingly sunny disposition,” and billing for chronic kidney disease without any supporting documentation.

The case was brought to light by Teresa Ross, a former medical coding professional. She exposed the scheme through the whistleblower provision in the False Claims Act—leading to a settlement of up to $100 million, with Ross receiving at least $8.2 million.

  1. Omnicare/CVS Case

Between 2010 and 2018, Omnicare—the country’s largest long-term care pharmacy and a CVS Health subsidiary—allegedly dispensed medications to elderly and disabled residents without valid prescriptions. When original prescriptions expired or ran out of refills, the company reportedly assigned new prescription numbers without the required documentation or pharmacist approvals, then billed government programs anyway.

The case was exposed through the whistleblower provision in the False Claims Act . After a four-week trial, a federal judge ordered $948.8 million in penalties and damages, making it one of the largest judgments in healthcare fraud history.

3 Lessons to Learn From These Cases 

While these cases present specific scenarios, compliance leaders should take a few important lessons from these examples:

1. Investigate All Cases

    Many of these whistleblower cases were made worse by either poor internal reporting structures or resistance from internal leadership. For example, Teressa Ross told Bloomberg that she initially tried to get her employer to fix their fraudulent Medicare submissions. It was only when she was rebuffed that she filed a lawsuit that would ultimately take 12 years and cost the organization nearly $100 million.

    This scenario is not uncommon. Far too often, complaints are filed or concerns raised, but they are either ignored, delayed, or lost within a poorly built internal reporting system. The consequences can be catastrophic:

    Healthcare compliance leaders must therefore prioritize building reporting systems that ensure every complaint is recorded, investigated, and resolved with full transparency. 

    2. Protect Anonymity

      The case against Detroit’s VFS and VOI nursing homes may not have made it to court without the protection of anonymity. The whistleblowers, known collectively as  “Detroit Integrity Partners” remain unidentified in all legal filings. Their ability to report misconduct confidentially was key to exposing widespread neglect and fraudulent billing. Even though the FCA and OSHA laws provide non-retaliation protection, many individuals will still fear the consequences of bringing forward a case of this size and severity.

      The lesson here is simple: every whistleblower must be confident that their identity is safe. Extra steps should be taken to reinforce this message internally. It may be necessary to highlight the presence of third-party hotlines or reporting systems that allow employees to make their complaints to individuals outside the internal workforce.

      This will help encourage employees to report issues before they escalate to external regulators or the media. This keeps problems manageable and allows leaders to respond in the most effective, efficient, and safest way possible. 

      3. Institutionalize Accountability

        The Guardian Elder Care case offers an instructive contrast to the other cases. While whistleblowers Phillipa Krause and Julie White exposed the medically unnecessary therapy billing, the company itself also made a voluntary disclosure that it had employed excluded individuals. This proactive step gained the organization praise from the investigating attorneys and likely helped preserve their reputation.

        It serves to illustrate a powerful point: protecting and encouraging whistleblowers allows an organization to keep control of the situation. If employees believe their concerns will be taken seriously, they are far less likely to pursue external legal channels.   Effective compliance programs allow organizations to take accountability and fix the problem proactively, rather than simply waiting for the court case.

        Deploy a Hotline Service Your Employees Trust

        These examples illustrate the dangers of underperforming or poorly run compliance hotlines. Rather than catching regulatory problems and dealing with them swiftly, organizations are left in long, expensive legal battles—resulting in steep settlements and lasting reputational harm.

        That’s why many healthcare organizations rely on Compliance Resource Center to build, manage, and optimize their whistleblower hotlines. We deliver expert 24/7 ethics and compliance hotlines to:

        • Simplify Reporting: Our web and phone-based hotlines make it easy to report concerns.
        • Protect Whistleblowers: Our neutrality as a third-party provider ensures employees feel safe and trust that their identity will be protected.
        • Resolve Complaints: Our system instantly sends alerts and helps you document and deal with complaints swiftly.

        Want to avoid whistleblower cases like these and protect your patients, reputation, and bottom line?

        Book a Demo

        Subscribe to blog

        Build an effective compliance program with expert hotlines, sanctions screening, training, and more.

        Speak to an Expert