For Providers‎ > ‎

Fraud and Abuse Compliance

Annual healthcare expenditures in the United States currently exceed $2.5 trillion dollars.  Publicly funded healthcare spending, including Medicare, Medicaid, Children's Health Insurance Programs (CHIPs), Tricare and the like, amounts to over $1.1 trillion dollars a year. We are witnessing continually increasing healthcare costs, extremely strained government budgets and public outcry over deficits, a potentially massive increase in the number of insureds under federal healthcare reform and a corresponding shortage of providers, an increasingly complex regulatory environment, and sharply increased fraud enforcement.
 
Fraud enforcement is being viewed as one of the solutions to bring down healthcare costs. From 2008-2010, every $1 the federal government spent under its healthcare fraud and abuse control programs averaged a return on investment of $6.80. The incentive for increased fraud and abuse investigations and their corresponding recoveries has never been greater.

Healthcare fraud can take many forms and can occur in any provider's business:

  • Incorrect reporting of diagnoses or procedures to maximize payments
  • billing for services outside the provider's scope of practice or licensure
  • Billing for services not furnished or supplies not provided
  • Application for duplicate payment for the same services or supplies
  • Billing a public healthcare program and a beneficiary for the same service
  • Billing a public healthcare program and another insurer in an attempt to get paid twice
  • Altering claim forms, electronic claim records, medical documentation, etc., to obtain a higher payment amount
  • Soliciting, offering, paying or receiving a kickback, bribe, or rebate
  • Violating the physician self-referral laws
  • Unbundling charges
  • Completing Certificates of Medical Necessity (CMNs) for patients not personally and professionally known by the provider
  • Participating in schemes that involve collusion between a provider and a beneficiary, or between a supplier and a provider, resulting in higher costs or charges to a publicly funded healthcare program
  • Billing for group services as multiple individual services
  • Misrepresentation of dates and descriptions of services or the identity of the beneficiary or the provider who furnished the services
  • Billing non-covered or non-chargeable services as covered items
  • Violating a participation agreement or assignment agreement
  • Giving false information about provider ownership in other providers
  • inappropriate cost report items and accounting manipulations
The governmental programs designed to conduct healthcare fraud and abuse investigations and yield their recoveries are becoming well established and will only become more firmly entrenched in the healthcare provider operating environment. Affiliated Contractors (ACs), Comprehensive Error Rate Testing (CERT) contractors, Medicare Administrative Contractors (MACs), Recovery Audit Contractors (RACs), Program Safeguard Contractor (PSCs), Zone Program Integrity Contractors (ZPICs), Medicaid Fraud Control Units (MFCUs) and Medicaid Integrity Contractors (MICs) are utilizing sophisticated methods of analyzing data and uncovering patterns of potential fraud and abuse for further investigation. In this environment, an ongoing, effective regulatory compliance program should be a given. The components of such programs that are easiest to neglect are regular audits and corrective actions. Providers should anticipate that their own claims data will come under scrutiny at some point and equip themselves to communicate effectively and persuasively with investigators, demonstrating an active, good-faith corrective action program, because a determination that fraud has been committed against a publicly funded healthcare program can result in the imposition of restitution, civil monetary penalties, exclusion from participation in the programs, criminal penalties and imprisonment.

Program Integrity Contractors and Units

One of the primary stated goals of the Centers for Medicare & Medicaid Services (CMS) is to pay correct amounts to legitimate providers, for covered, correctly coded and correctly billed services, provided to an eligible beneficiary. To achieve its goal of lowering error rates, CMS utilizes the services of Affiliated Contractors (ACs), Medicare Administrative Contractors (MACs), Recovery Audit Contractors (RACs) and Comprehensive Error Rate Testing (CERT) contractors. These contractors assist in the process of preventing and recovering erroneous payments.
 
In addition to reducing erroneous payments, CMS has a goal of protecting the program from potential fraud. In pursuit of this goal, CMS contracts with Program Safeguard Contractors (PSCs) and Zone Program Integrity Contractors (ZPICs). PSCs and ZPICs refer cases of potential fraud to the Department of Health and Human Services (HHS), Office of Inspector General (OIG), Office of Investigations (OI) and may also furnish requested information on ongoing fraud investigations to State Attorneys General and to State agencies.
 
Together, these contractors and units have the full range of remedies and actions available to deal with questionable, improper or abusive practices of practitioners, providers and suppliers under publicly funded health care programs.
 
Click here for more detailed information about Program Integrity Contractors and Units. If you believe you're the subject of program integrity contractor review and need regulatory compliance consulting or legal representation, conact John Little, Attorney at Law, PC.

Anti-Kickback Prohibitions

With limited exceptions, anyone who knowingly and willfully solicits or receives any remuneration (including any kickback, hospital incentive or bribe) directly or indirectly, overtly or covertly, in cash or in kind, (i) in return for referring a patient for the furnishing or arranging for the furnishing of any item or service for which payment may be made in whole or in part under Medicare, Medicaid or a State health care program, or (ii) in return for purchasing, leasing, or ordering, or arranging for or recommending purchasing, leasing, or ordering any good, facility, service, or item for which payment may be made in whole or in part under Medicare, Medicaid or a State health program, may:
  • be charged with a felony,
  • be excluded from participation is publicly funded healthcare programs,
  • face criminal fines of $25,000 and imprisonment for up to five years, and
  • incur Civil Monetary Penalties (CMPs) of $50,000 per violation and triple damages.
The Patient Protection and Affordable Care Act of (PPACA, or the 2010 healthcare reform law) clarified that a person need not have actual knowledge of the anti-kickback law or specific intent to commit a violation of the prohibition. PPACA also clarifies that violations of the anti-kickback law may serve as the basis for False Claims Act lawsuits.
 
Since the anti-kickback statute on its face is so broad, and due to concerns expressed that some relatively innocuous commercial arrangements were technically covered by the statute and therefore subject to criminal prosecution, Congress required, as part of the Medicare and Medicaid Patient and Program Protection Act (MMPPPA) of 1987, that regulations be developed to specify various payment and business practices which, although potentially capable of inducing referrals of business under federal and state health care programs, would not be treated as criminal offenses under the anti-kickback statute.  These regulations,, promulgated and clarified over the years, became known as the anti-kickback law's Safe Harbors.  Currently, there are Safe Harbors designed to address the following types of business or payment practices:
  • investments in large publicly held health care companies
  • investments in small health care joint ventures
  • space rentals
  • equipment rentals
  • personal services and management contracts
  • sales of retiring physicians' practices to other physicians
  • referral services
  • warranties
  • discounts
  • employee compensation
  • group purchasing organizations
  • waivers of Medicare Part A inpatient cost-sharing amounts
  • increased coverage, reduced cost-sharing amounts, or reduced premium amounts offered by health plans to beneficiaries
  • price reductions offered to health plans by providers
  • investments in underserved areas
  • practitioner recruitment in underserved areas
  • obstetrical malpractice insurance subsidies for underserved areas
  • sales of practices to hospitals in underserved areas
  • investments in ambulatory surgical centers
  • investments in group practices
  • referral arrangements for specialty services
  • cooperative hospital service organizations
  • shared risk arrangements
  • ambulance restocking
  • electronic prescribing and electronic health records arrangements
  • Federally Qualified Health Center arrangements
It's important to note that the safe harbor regulations do not expand the scope of activities that the anti-kickback statute prohibits. The statute itself describes the scope of illegal activities. The legality of a particular business arrangement must be determined by comparing the particular facts to the proscriptions of the statute. Failure to comply with a safe harbor can mean one of three things:
  1. The arrangement does not fall within the scope of the statute. In other words, the arrangement is not intended to induce the referral of business reimbursable under a publicly funded health care program, so there is no reason to comply with the safe harbor standards, and no risk of prosecution.
  2. The arrangement could be a clear statutory violation and also not qualify for safe harbor protection. In that case, assuming the arrangement is obviously abusive, prosecution is likely.
  3. The arrangement may violate the statute in a less serious manner, although not be in compliance with a safe harbor provision. In such a case, there is no way to predict the degree of risk. Rather, the degree of risk depends on an evaluation of the many factors which are part of the decision-making process regarding case selection for investigation and prosecution. In many (but not necessarily all) instances, prosecutorial discretion would be exercised not to pursue cases where the participants appear to have acted in a genuine good-faith attempt to comply with the terms of a safe harbor, but for reasons beyond the provider's control are not in compliance with the terms of the safe harbor. In other instances, there may not even be an applicable safe harbor, but the arrangement may appear innocuous. 
Thus, it is not true that every arrangement that does not comply with a safe harbor is suspect under the antikickback statute, though such arrangements may be suspect in particular circumstances. Parties seeking guidance about their specific arrangements may request an OIG advisory opinion.  The OIG also manages reports under the Provider Self-Disclosure Protocol (SDP), whcih is intended to be a method by which providers can voluntarily disclose self-discovered evidence of antikickback violations in an attempt to avoid the costs and disruptions associated with government-directed investigations and civil or administrative litigation.
 
For anti-kickback compliance consulting and legal assistance with your practice's business agreements and payment transactions, contact John Little, Attorney at Law, PC.

Physician Self-Referral Prohibitions

With certain detailed exceptions, the physician self-referral law, also commonly referred to as the Stark Law, (i) prohibits a physician from making referrals for certain designated health services (DHS), payable by Medicare or Medicaid, to an entity in which he or she or an immediate family member has a financial interest, and (ii) prohibits the entity from presenting or causing to be presented claims to Medicare, or any another individual, entity, or third party payer, for those referred designated health services (DHS).  Designated health services under the Stark law include:
  • clinical laboratory services,
  • physical therapy services,
  • occupational therapy services,
  • outpatient speech-language pathology services,
  • radiology and certain other imaging services,
  • radiation therapy services and supplies,
  • durable medical equipment and supplies,
  • parenteral and enteral nutrients, equipment, and supplies,
  • prosthetics, orthotics, and prosthetic devices and supplies,
  • home health services
  • outpatient prescription drugs, and
  • inpatient and outpatient hospital services.
An updated list of CPT and HCPCS codes relevant to designated health services (DHS) is published annually in the Physician Fee Schedule final rules.
 
CMS has published a number of regulations interpreting the physician self-referral law and its exceptions. Because these lengthy and complex rules and interpretations were finalized in three phases, they are typically referred to as Phase I, Phase II and Phase III rules. Over 30 exceptions to the Stark law have been provided for since its initial enactment. Together, the Stark law and its exceptions are among the most complex regulations in the healthcare industry. These exceptions address issues related to: (1) certain physician services, (2) in-office ancillary services, (3) services furnished by an organization to enrollees, (4) certain services provided by Academic Medical Centers, (5) implants furnished by an Ambulatory Surgery Center, (6) EPO and other dialysis-related drugs, (7) preventive screening tests, immunizations, and vaccines, (8) eyeglasses and contact lenses following cataract surgery, (9) intra-family rural referrals, (10) publicly-traded securities, (11) mutual funds, (12) ownership or investment interests in certain rural and other providers, (13) rental of office space, (14) rental of equipment, (15) bona fide employment relationships, (16) certain personal service arrangements, (17) physician recruitment, (18) certain isolated transactions, (19) certain arrangements with hospitals not related, directly or indirectly, to the furnishing of DHS, (20) certain group practice arrangements with a hospital, (21) certain payments by a physician, (22) charitable donations by a physician, (23) certain nonmonetary compensation, (24) fair market value compensation, (25) medical staff incidental benefits, (26) certain risk-sharing arrangements, (27) compliance training, (28) indirect compensation arrangements, (29) certain referral services, (30) obstetrical malpractice insurance subsidies, (31) professional courtesies, (32)retention payments in underserved areas, (33) community-wide health information systems, (34) electronic prescribing items and services, and (35) electronic health records items and services.
 
The Centers for Medicare & Medicaid Services (CMS) issues advisory opinions on whether a physician's referrals for certain designated health services to an entity with which he or she, or an immediate family member, has a financial relationship are prohibited under the Stark physician self-referral law. Also, pursuant to the Patient Protection and Affordable Care Act (PPACA), CMS published the self-referral disclosure protocol (SRDP), which sets forth a process to enable providers and suppliers to self-disclose actual and potential violations of the Stark law.
 
For Stark physician self-referral compliance consulting and legal assistance with your practice's business agreements and payment transactions, contact John Little, Attorney at Law, PC.

Civil Monetary Penalty Enforcement

The Social Security Act to authorize the Secretary of Health and Human Services to impose civil monetary penalties (CMPs) for certain program violations. Since the enactment of the first CMP authority in 1981, Congress has increased both the number and types of circumstances under which CMPs may be imposed. Most of the specific statutory provisions authorizing CMPs also permit the Secretary to impose an assessment in addition to the CMP. An assessment is an additional monetary payment in lieu of damages sustained by the government because of the improper claim. Also, for many statutory violations, the Secretary may exclude the individual or entity violating the statute from participating in Medicare and other federal health care programs for specified periods of time.

In 1994, HHS realigned the responsibility for enforcing these CMP authorities between the Centers for Medicare & Medicaid Services (CMS) and the Office of the Inspector General (OIG). CMS was delegated the responsibility for implementing CMPs that involve program compliance, and the OIG was delegated the responsibility for implementing CMPs that involve threats to the integrity of the Medicare or Medicaid programs, i.e., those that involve fraud or false representations. The passage of Health Insurance Portability and Accountability Act (HIPAA) in 1996 provided for higher maximum CMPs and higher assessments for some of the violations.
 
Different amounts of CMPs and assessments are sought based on the type of violation at issue. For example, in a case of false or fraudulent claims, the OIG may seek a penalty of up to $10,000 for each item or service improperly claimed, and an assessment of up to three times the amount improperly claimed. In a kickback case, the OIG may seek a penalty of up to $50,000 for each improper act and damages of up to three times the amount of remuneration at issue (regardless of whether some of the remuneration was for a lawful purpose). Some cases settled by the OIG result from self-disclosures to the OIG (see the OIG self-disclosure protocol. When a health care provider appropriately self-discloses potentially fraudulent conduct, the OIG takes the self-disclosure and the provider’s level of cooperation into account when determining the appropriate settlement terms.
 
On October 30, 2009, interim final rules were published by the Department of Health and Human Services (HHS) to conform the enforcement regulations promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to the effective statutory revisions made pursuant to the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), which was enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA). The interim final rules amended HIPAA’s enforcement regulations, as they relate to the imposition of civil money penalties, to incorporate the HITECH Act’s categories of violations, tiered ranges of civil money penalty amounts (as much as $50,000 per violation up to $1.5 million per year), and revised limitations on the Secretary’s authority to impose civil money penalties for established violations of HIPAA’s Administrative Simplification rules (HIPAA rules).
 
Click here for more detailed information about specific violations which may subject individuals and entities to CMPs. If your practice is in need of regulatory compliance consulting or health law services in order to lower your risk of being subject to Civil Monetary Penalties, contact John Little, Attorney at Law, PC.

Program Exclusion

Section 1128 of the Social Security Act provides the Secretary of DHHS the authority to exclude various health care providers, individuals, and businesses from receiving payment for services that would otherwise be payable under Medicare, Medicaid, and all federal health care programs. This authority has been delegated to the OIG. When an exclusion is imposed, no payment is made to anyone for any items or services in any capacity (other than an emergency item or service provided by an individual who does not routinely provide emergency health care items or services) furnished, ordered, or prescribed by an excluded party under the Medicare, Medicaid, and all federal health care programs. In addition, no payment is made to any business or facility, e.g., a hospital, that submits claims for payment of items or services provided, ordered, prescribed, or referred by an excluded party. The OIG also has the authority under §1128(b)(6) of the Act to exclude from coverage items and services furnished by practitioners, providers, or other suppliers of health care services who have engaged in certain forms of program abuse and quality of care issues. PSCs and ZPICs assist in such cases by documenting long-standing abusive patterns of care where educational contacts have failed to change the pattern. Examples of abuse cases suitable for exclusion include, but are not limited to:
  • Providers who have a pattern of adverse QIO, AC or MAC findings
  • Providers whose claims must be reviewed continually and are subsequently denied because of repeated instances of overutilization
  • Providers who have been the subject of previous cases that were not accepted for prosecution because of the low dollar value
  • Providers who furnish or cause to be furnished items or services that are substantially in excess of the beneficiary’s needs or are of a quality that does not meet professionally recognized standards of health care
  • Providers who are the subject of prepayment review for an extended period of time (longer than 6 months) who have not corrected their pattern of practice after receiving educational/warning letters
  • Providers who have been convicted of a program related offense
  • Providers who have been convicted of a non-program related offense (e.g., a conviction related to neglect or abuse of a beneficiary, or related to a controlled substance)
Prior to PSC and ZPIC contractors recommending cases to the OIG for exclusion, they are required to consider, among other appropriate factors:
  • the nature and seriousness of the acts in question
  • actions taken to persuade the provider/supplier to abstain from further questionable acts
  • the experience gained from monitoring payments to the provider/supplier after corrective action was taken
  • the degree of deterrence that might be brought about by exclusion
  • the effects of exclusion on the delivery of health care services to the community
If your practice is in need of regulatory compliance consulting or health law services in order to lower your risk of program exclusion, contact John Little, Attorney at Law, PC.

Whistleblower/Qui Tam Lawsuits

The federal False Claims Act (31 U.S.C. § 3729 et seq.) provides for triple damages and a penalty from $5,500 to $11,000 per claim for anyone who knowingly submits or causes the submission of a false or fraudulent claim to the United States. The statute, first passed in 1863, includes an ancient legal device called a "qui tam" provision (from a Latin phrase meaning "he who brings a case on behalf of our lord the King, as well as for himself"). This provision allows a private person, known as a "relator," to bring a lawsuit on behalf of the United States, where the private person has information that the named defendant has knowingly submitted or caused the submission of false or fraudulent claims to the United States. The relator need not have been personally harmed by the defendant’s conduct. Relators may be awared a portion (15% to 25%) of the government's recovery resulting from the False Claims Act lawsuit. Relators also may bring suit under the False Claims Act for retaliation related to their lawful attempts to prevent violations of the Act.  Over $18.5 billion in healthcare related funds have been recovered through False Claims Act settlements and judgements.
 
Click here for more detailed information about Whistlblower/Qui Tam Lawsuits. If your practice is in need of regulatory compliance consulting or health law services in order to help lower your risk of being subjected to qui tam lawsuits, contact John Little, Attorney at Law, PC.

State False Claims

Pursuant to provisions included in the Deficit Reduction Act of 2005, Section 1909 of the Social Security Act provides a financial incentive for states to enact their own false claims acts that establish liability to the state for the submission of false or fraudulent claims to the state’s Medicaid program. If a state false claims act is determined to meet certain requirements, the state is entitled to a potentially sizeable increase in amounts recovered pursuant to actions brought under the state's law.

In order for a State to qualify for this incentive, it must have in effect a law that:

  • establishes liability to the state for false or fraudulent claims as described in the federal False Claims Act (FCA) with respect to any expenditures related to state Medicaid plans,
  • contain provisions that are at least as effective in rewarding and facilitating qui tam actions for false or fraudulent claims as those described in the federal FCA,
  • contain a requirement for filing an action under seal for 60 days with review by the State Attorney General, and
  • contain a civil penalty that is not less than the amount of the civil penalty authorized under the federal FCA.
Under section 1909(b) of the Social Security Act, the OIG is required to determine, in consultation with the U.S. Attorney General, whether a state has in effect a law that meets these requirements. Through 2010, the following states have enacted laws qualifying them for the increased share under the Deficit Reduction Act: California, Georgia, Hawaii, Illinois, Indiana, Massachusetts, Michigan, Nevada, New York, Oklahoma, Rhode Island, Tennessee, Texas, Virginia and Wisconsin.
 
If your practice is in need of regulatory compliance consulting or health law services in order to help lower your risk of being subjected to whistleblower lawuits, contact John Little, Attorney at Law, PC.

Compliance Programs

Over the past 13 years, since the Office of Inspector General's (OIG's) initial publication of voluntary compliance program guidance for hospitals in 1998, healthcare providers of all types and sizes have become familiar with the basic recommendations for implementing effective internal controls to monitor and enhance compliance with applicable statutes, regulations and program requirements. Seven components are commonly recognized as essential to an effective voluntary compliance program:
  1. implementing written compliance standards,
  2. designating a compliance officer or contact,
  3. conducting appropriate training and education,
  4. developing open lines of communication,
  5. conducting internal monitoring and auditing,
  6. responding appropriately to detected offenses and developing corrective action, and
  7. enforcing disciplinary standards through published guidelines
John Little has nearly 20 years experience working with state and federal healthcare laws. He is board certified in healthcare compliance, board certified in healthcare management and has served as the General Counsel and Chief Privacy & Compliance Officer at a regional healthcare provider with over 2,500 employees in 9 states and as the Chief Compliance Officer of a national healthcare provider with over $1 billion in annual revenue and 30,000 employees in 33 states.
 
If you need assistance maintaining and enhancing your regulatory compliance program, contact John Little, Attorney at Law, PC.

Advisory Opinion Process

Both the Centers for Medicare & Medicaid Services (CMS) and the Health and Human Services (HHS) Office of Inspector General (OIG) issue advisory opinions for the purpose of providing meaningful advice on the application of certain statutes affecting healthcare providers in specific factual situations. These advisory opinions are binding, and may legally be relied upon, only by the requestor. Each opinion only applies to specific known persons or entities who provide specific statements about key factual issues. Third parties aren't bound by, and can't rely on, advisory opinions.
 
The Office of Inspector General (OIG) issues advisory opinions regarding (i) the anti-kickback statute and its safe harbors, (ii) the exclusion authorities in section 1128 of the Social Security Act (SSA), (iii) the civil monetary penalty (CMP) authorities in section 1128A of the SSA, and (iv) the criminal penalties in section 1128B of the SSA.  The OIG will not address hypothetical situations, model arrangements, general questions of interpretation, activities in which the party requesting the advisory opinion is not, and does not plan to be, involved (for example, where a requestor asks about the business practices of a competitor), the fair market value of goods, services or property, whether an individual is a bona fide employee under the Internal Revenue Code, or the application of the Stark physician self-referral law.
 
The Centers for Medicare & Medicaid Services (CMS) issues advisory opinions on whether a physician's referrals for certain designated health services to an entity with which he or she, or an immediate family member, has a financial relationship are prohibited under the Stark physician self-referral law.
 
The Stark law and the anti-kickback law are separate statutes, and, depending on the facts, a particular arrangement might implicate one or both statutes. Although the OIG is not authorized to issue opinions about the Stark law, parties requesting an OIG advisory opinion must notify the OIG if the party will be separately requesting a Stark opinion from CMS about the same arrangement.
 
If you need assistance requesting an Advisory Opinion from the OIG or CMS regarding a particular arrangement that may violate the anti-kickback statute, subject you to program exclusion or Civil Monetary Penalties, or violate the Stark physician self-referral prohibition, contact John Little, Attorney at Law, PC.

Self Disclosure

OIG SDP. The OIG introduced the Provider Self-Disclosure Protocol (SDP) in 1998. The SDP is intended to be a method by which providers can voluntarily disclose self-discovered evidence of potential fraud in an attempt to avoid the costs and disruptions associated with government-directed investigations and civil or administrative litigation. The OIG has issued two "Open Letters" to the provider community concerning SDP initiatives.  The first, issued in 2006, promoted the use of the SDP to resolve matters giving rise to civil monetary penalty (CMP) liability under both the anti-kickback statute and the Stark physician self-referral law. However, in its 2009 Open Letter, the OIG excluded Stark law violations (in the absence of an anti-kickback violation) from the scope of the SDP, stating that kickbacks pose a serious risk to the integrity of the health care system and that deterring kickbacks is a high priority for OIG. The 2009 Open Letter also established a minimum settlement amount, $50,000, to resolve kickback-related SDP submissions. While higher settlement amounts may be required based on the value of financial benefit illegally conferred as a result of the kickbacks, the minimum amount is purported to be consistent with OIG’s statutory authority to impose a penalty of up to $50,000 for each kickback and an assessment of up to three times the total illegal remuneration.
 
It's important for providers to note that the OIG is not bound by any findings made by the disclosing provider under the SDP and is not obligated to resolve the matter in any particular manner. The OIG may conclude that the disclosed matter warrants a referral to the Department of Justice (DOJ) for consideration under its civil and criminal authorities. Providers also have the ability to request the participation of a DOJ representative or a local United States Attorney’s Office in settlement discussions in order to resolve potential liability under the False Claims Act or other laws. In either case, the OIG states that it will report on the provider’s involvement and level of cooperation throughout the disclosure process to any other government agencies affected by the disclosed matter.
 
CMS SRDP. Section 6409 of the Patient Protection and Affordable Care Act (PPACA, the 2010 healthcare reform law) (i) requires Health and Human Services (HHS) to establish a Medicare self-referral disclosure protocol (SRDP) that sets forth a process for providers of services and suppliers to self-disclose actual or potential violations of the Stark physician self-referral statute and (ii) grants HHS the authority to reduce the amount due for violations of the Stark law, considering among other factors the nature and extent of the improper practices, the timeliness of the voluntary disclosure, and the cooperation in providing additional information related to the disclosure. A provider is not permitted to disclose violations through the SRDP and request an advisory opinion for the same conduct concurrently. The SRDP is intended to facilitate the resolution of only matters that, in the disclosing party’s reasonable assessment, are actual or potential violations of the physician self-referral law. Thus, a disclosing party should make a submission to the SRDP with the intention of resolving its overpayment liability exposure for the conduct it identified. When a provider submits a disclosure under the SRDP, the providers obligation to return overpayments within 60 days is suspended until a settlement agreement is entered or the provider is removed or withdraws from the SRDP. The fact that a provider is already the subject of a government inquiry does not automatically preclude a disclosure under the SRDP. The disclosure, however, must be made in good faith. A disclosing party that attempts to circumvent an ongoing inquiry or fails to fully cooperate in the self-disclosure process will be removed from the SRDP.
 
As with the OIG SDP, providers seeking to disclose Stark law violations pursant to the SRDP should note that CMS is not bound by any conclusions made by the provider and is not obligated to resolve the matter in any particular manner. Further, as a condition of disclosing a matter pursuant to the SRDP, the provider must agree that no appeal rights attach to claims relating to the conduct disclosed if resolved through a settlement agreement. After review of the provider's SRDP submission, CMS may conclude that the disclosed matter warrants a referral to law enforcement for consideration under its civil and criminal authorities. CMS may use a  provider's SRDP submission to prepare a recommendation to the Office of Inspector General (OIG) and Department of Justice (DOJ) for resolution of False Claims Act, civil monetary penalty (CMP) or other liability.
 
If you need assistance in investigating potential violations and determininig the appropriateness of a voluntary self-disclosure to the OIG or to CMS, contact John Little, Attorney at Law, PC.