Eventually, any health care organization with an effective compliance program is very likely to discover an issue that raises potential liability and requires disclosure to a government entity. While we largely discuss False Claims Act (FCA) litigation and defense issues on this blog, a complementary issue is how to address matters that raise potential liability risks for an organization proactively.

On August 11, 2017, a group of affiliated home health providers in Tennessee (referred to collectively as “Home Health Providers”) entered into an FCA settlement agreement with the US Department of Justice (DOJ) and the US Department of Health and Human Services Office of Inspector General (OIG) for $1.8 million to resolve self-disclosed, potential violations of the Stark Law, the Federal Anti-Kickback Statute, and a failure to meet certain Medicare coverage and payment requirements for home health services. This settlement agreement underscores the strategic considerations that providers must weigh as they face self-disclosing potential violations to the US government.

Background

The $1.8 million settlement results from a voluntary disclosure by Home Health Providers to the US Attorney’s Office (USAO) for the Eastern District of Tennessee in November 2010 relating to potential violations of the Stark Law that were identified during an ongoing internal audit. Home Health Providers supplemented the self-disclosure over the ensuing years as its internal investigation identified additional potential violations.

Almost seven years after the initial disclosure, the settlement agreement resolves Home Health Providers’ potential False Claims Act (FCA) liability from several categories of alleged violations, including submission of claims for home health services that lacked sufficient face-to-face encounter documentation, claims with false or invalid certifications, and violations of the Stark Law and Anti-Kickback statute based on allegedly improper compensation arrangements with physicians. The Stark and Anti-Kickback allegations relate to compensation in the form of marketing expenditures, payments to a restaurant owned by immediate family members of a referring physician, the provision of free equipment and staff services to a referring physician’s practice, medical director and lease provisions with physicians that were not properly memorialized in writing, and insufficient documentation of other financial arrangements. Home Health Providers did not admit any liability under the terms of the settlement agreement.

Key Considerations for Self-Disclosure

The Home Health Providers settlement with DOJ and OIG highlights the importance of self-disclosure and underscores strategic considerations a provider must weigh when contemplating self disclosure.

As a practical matter, in light of the overpayment refund obligations established by Section 6402 of the Affordable Care Act—the “60 Day Rule”—providers who have identified an overpayment have little discretion with respect to whether or not to self-disclose. Overpayments retained after they have been identified, and not returned in a timely manner, may give rise to FCA liability for “knowingly concealing or knowingly or improperly avoiding or decreasing” an obligation to the government pursuant to the FCA’s reverse false claims provision. Providers who fail to refund may also face monetary penalties and/or exclusion from participation in federal health care programs. Considerable analysis is often required to determine whether an overpayment exists as a legal and factual matter. Given the complex health care regulatory environment, determining whether as a legal matter an overpayment actually exists can be a judgment call and risk tolerance determination for the organization. Further, the facts surrounding a particular situation often cannot be conclusively established due to the passage of time, changes in personnel, loss of documents and changes in billing systems. Ultimately, organizations must decide whether there is a reasonable position that there is or is not an overpayment. If the decision is the former, then the question providers must wrestle with is not whether to disclose, but rather to whom the disclosure should be made.

The first possible disclosure avenue is via making a refund to the contractor. This option does not provide a release of potential liabilities, but does remove the possibility of being accused of improperly retaining an overpayment. If the dollar amount is not significant to the organization, and there is little risk of potential liability under fraud statutes, then refunding the overpayment can be a reasonable and cost-effective pathway.

If a provider has discovered a potential overpayment that might involve possible liability risks under fraud statutes, the provider is generally faced with the choice of disclosure to the OIG, the Centers for Medicare and Medicaid Services (CMS) and/or the relevant state Medicaid entity, or DOJ. There are several factors that can inform a provider’s choice of agency for a self-disclosure, including, among others: (1) the nature of the potential violation; (2) the amount and nature of potential damages; (3) the risk of a potential whistleblower; and (4) the extent of the release the provider wishes to obtain. Although the point of entry does matter, it is important to recognize that these agencies will coordinate and consult with one another regarding any self-disclosure.

OIG Self-Disclosure Protocol

The OIG has a Provider Self-Disclosure Protocol (OIG SDP), which is accessible here. The OIG SDP is available for providers who have identified potential violations relating to the federal criminal, civil or administrative laws for which OIG may impose a civil monetary penalty (CMP). For example, providers can use the OIG SDP to disclose potential violations of the Federal Anti-Kickback Statute, false billing issues or the employment of (or contracting with) an individual or entity who appears on OIG’s List of Excluded Individuals and Entities (LEIE). Note that the OIG SDP is not a vehicle for disclosing potential Stark Law violations unless the provider has also identified at least a colorable violation of the Anti-Kickback Statute. Self-disclosures limited to Stark Law violations can be made through CMS’s Voluntary Self-Referral Disclosure Protocol.

The OIG SDP provides that the agency will generally require a minimum multiplier of 1.5 times the single damages, and will presumptively not require a Corporate Integrity Agreement (CIA) in exchange for the release of OIG’s exclusion authorities. Providers that self-disclose must be in a position to provide an estimate of damages within ninety (90) days of the date of the submission. Thus, providers are cautioned to time their self-disclosure to the OIG with this obligation in mind. For self-disclosures relating to the Anti-Kickback Statute (which may also include potential violations of the Stark Law), the OIG may enter into a settlement based on the amount of the improper remuneration, rather than the amount of the overpayment by the federal health care program. Depending on the nature of the violation, this approach has the potential to offer providers a substantial decrease in the settlement amount.

While the OIG coordinates with the DOJ when resolving self-disclosures, if the OIG is the only agency that participates in the settlement, the release that the provider can obtain is limited to matters subject to OIG’s civil monetary penalty (CMP) and exclusion authorities. The OIG alone cannot provide a release from potential FCA liability. However, an OIG settlement can provide some protection against future relator claims under the FCA’s public disclosure bar. In addition, OIG coordinates with the DOJ in resolving OIG SDP matters. Thus, if OIG offers to resolve the matter under its CMP and exclusion authorities, it is likely that this resolution would satisfy the DOJ, who ultimately serves the interests of the client agency. Depending on the facts, it can be in the provider’s interest to ensure the DOJ is at the table to obtain the FCA release. However, that broader release from DOJ may ultimately increase the size of the settlement owed to the government.

CMS Voluntary Self-Referral Disclosure Protocol

The Affordable Care Act required the establishment of a voluntary self-referral disclosure protocol (SRDP). CMS established the SRDP in 2010 and has subsequently updated the protocol. The SRDP can be used by providers to disclose potential violations of the Stark Law.

Settlements under the SRDP are based on a percentage of the overpayment—i.e., the amount of the claims submitted in violation of the Stark Law’s billing prohibition. While there is no published formula, experience suggests that CMS may be willing to resolve Stark issues for a percentage of the overpayment amount. CMS considers a variety of factors in determining the settlement amount, including: (1) the nature and extent of the improper or illegal practice; (2) the timeliness of the self-disclosure; and (3) the cooperation in providing additional information related to the disclosure. Under the SRDP, CMS releases the provider from liability under section 1877(g)(1), which prohibits payment for designated health services furnished pursuant to a prohibited referral. CMS does not have the authority to provide a broader release for providers.

Disclosure to DOJ

Providers may elect to self-disclose directly to the DOJ. Unlike the OIG and CMS, the DOJ does not have a formal self-disclosure protocol. Generally, the pathway is to disclose to the USAO in the district where the provider is located.

One of the advantages of disclosure to the DOJ is the potential to obtain a release from potential FCA liability. This release often comes at a price for providers, as the DOJ may apply a larger multiplier than the OIG for its settlements. When making the decision to disclose to the DOJ, providers should consider the strength of the entity’s or counsel’s relationship with the USAO, the potential monetary value of the conduct, the thoroughness of the internal investigation and to what extent the facts developed in the investigation create potential FCA risk. Disclosure to DOJ is typically reserved for situations involving complex or extensive conduct where having an FCA release provides the most comfort to the organization. For providers seeking a resolution that fully and completely addresses a particular issue, the DOJ’s full release may be worth it. Notably, OIG’s typical practice in DOJ self-disclosures is to release its exclusion authorities without requiring a CIA, similar to the OIG SDP.

Conclusion

Self-disclosure has become a critical component of effective compliance programs, as providers who identify overpayments face an affirmative legal obligation to return the overpayment to the government. Making this decision is complicated and requires an organization to decide based on the legal and factual results of the investigation and the risk tolerance-comfort level disposition of the management team and board. Providers should carefully consider self-disclosure options to assess the optimal pathway for resolution. Regardless of which disclosure pathway a provider selects, certain best practices apply to position the organization for the best possible outcome. First, ensure the disclosure is complete and accurate to the best of the provider’s ability. Government lawyers expect that the factual representations are accurate and made in good faith so that they can be comfortable relying on those representations in resolving the conduct without doing an independent investigation. Nonetheless, it is not uncommon for the government to pressure test certain aspects of the disclosure. Second, providers should be prepared. Once the decision is made to disclose and to whom to disclose, the provider should take steps necessary to prepare a complete submission and be ready to engage with the government. In some situations, a submission may need to include questions to the government on how they would like the provider to proceed with certain issues to complete the submission. Being prepared also entails timely responses to additional information requests. Finally, cooperation is key. Effective cooperation with the government’s review process helps ensure a smooth resolution.