Healthcare billing fraud

Project Nightingale

Upcoding allegations tied to a shell vendor, claims spikes, and internal coding guidance.

Idle

Source: prototype fallback

Guided demo

Evidence files

Entities

Review flags

Timeline events

Sponsor-backed analysis

Run the current case through the live processing seam and keep the prototype data as a safe fallback.

Loading the latest live status...

Blaxel

CrustData

Case summary

Mercy connects the whistleblower tip, claims exports, internal emails, and vendor contracts into a coherent allegation that a billing services intermediary drove systematic upcoding across two clinics in Q2 2024.

Initial tip

Former revenue-cycle manager reports that Meridian Care hired Hollow Brook Analytics to “optimize” billing. Within six weeks, high-acuity claim codes spiked and internal staff were told to stop documenting prior authorization exceptions in email.

Trust review

Claims export contains patient names — Approved redaction before summary generation.

Email thread references prior authorization exceptions — Keep full text in investigator-only view.

Open questions

Do additional patient interviews corroborate the coding guidance memo?

Was Hollow Brook compensated on recovered reimbursement volume?

Security proof

Case trust boundary

This panel turns the TEE, attestation, and secure key release path into artifacts an analyst or buyer can inspect.

Preview envelope

Artifact detail

Remote attestation

Mercy verified the enclave measurement before opening sensitive evidence.

Preview envelope

This prototype shows the attestation envelope Mercy expects before sensitive prompts and evidence are mounted in production.

Results

Cryptographically secure

tee_tcb_svn

0601030000000000

mr_td

b2bac8beb3baca51b0bac598b1bac72bb6bacf0ab7bad09d

rt_mr3

ff384637fe3844a40138495d003847cafb383febfa383e58

tee_tcb_svn

0601030000000000

mr_td

b2bac8beb3baca51b0bac598b1bac72bb6bacf0ab7bad09d

rt_mr3

ff384637fe3844a40138495d003847cafb383febfa383e58

report_data

6428cff16328ce5e6228cccb6128cb386828d63d6728d4aa

Runtime

Preview attestation envelope

Verified at

2026-03-08T09:42:11Z

Quote reference

mr_signer:e4457b8de34579fa · mr_enclave:d9419ee8-da41a07b-db41a20e-dc41a3a1

Policy and audit checks

`mr_td` matched the expected trust-domain boot measurement.

`rt_mr3` stayed bound to the application configuration and key path.

`report_data` bound the quote to Mercy’s run-specific challenge.

Recent activity

Entity extraction complete

09:12

18 entities linked across 43 files.

PHI spans flagged

09:25

14 patient identifiers held for review.

Timeline generated

09:41

12 events arranged from contract signature to tip receipt.

Redaction log

claim_batch_q2_2024.xlsx

Patient identifiers

Sanitized for export

coding_escalation_thread.eml

Insurance member IDs

Sanitized for export