HHS OIG Reports Five-Fold Increase In Civil Monetary Penalties Over The Last Three Years

The HHS OIG issued its Semi-Annual Report for the first half of fiscal year (FY) 2016 (October through March). The Report summarized the OIG’s key accomplishments during the reporting period. Additionally, the OIG cited the five most important federal fraud and abuse laws that apply to health care providers: (1) the False Claims Act (FCA); (2) the Anti-Kickback Statute (AKS); (3) the Physician Self-Referral Law (Stark Law); (4) the Exclusion Authorities; and (5) the Civil Monetary Penalties Law (CMPL). The first four laws are well known to providers and enforced by the Department of Justice through the Federal Courts. The CMPL is often forgotten, but remains a very important enforcement tool. It is assigned to the OIG for enforcement, and cases are decided internally at HHS by Administrative Law Judges.

Under the CMPL, the OIG is authorized to impose administrative penalties on and assessments against a person who submits, or causes to be submitted, claims to a federal health care program that the person knows, or should know, are false or fraudulent. It is, in effect, an administrative alternative to the False Claims Act. CMPL cases are generally those where violations fall below the threshold to be prosecuted by the DOJ in the federal courts.

At the American Health Lawyers Association annual meeting, the OIG referenced several enforcement matters to further highlight its activities. Further, the OIG recently reported on cases involving more than $43.8 million in CMPs and assessments. These CMP recoveries have increased nearly five times over the past three years and are expected to hit new highs during FY 2016. The increase in settlements under the CMPL related more to affirmative enforcement actions, as opposed to settlements arising from self-disclosures. The increase in CMP settlements is directly correlated with an increase in individual liability and exclusions, particularly for managers, executives, and physicians.

CMPs allow for various recoveries, including treble damages and up to a $50,000 penalty for each occurrence involving certain conduct. In addition, the OIG maintains exclusion authority, which it can exercise to prevent entities from participating in the Medicare or Medicaid programs for an extended period or indefinitely. Aside from the more obvious financial implications of losing participation eligibility in government-funded healthcare programs, exclusion can also impact participation in federal grants, cooperative agreements, and other procurement programs.

Much of the increased CMP enforcement actions have been attributed to the OIG creating a new legal team dedicated to pursuing CMPs and exclusions. The team has been used to complement the DOJ’s other efforts to fill in enforcement gaps. It has also focused on levying CMPs and excluding individuals and organizations from participating in the Medicare and Medicaid programs. The litigation team is lead by an OIG deputy branch chief and 10 dedicated attorneys. Together, they focused on increasing civil enforcement actions against providers and individuals in cases initiated by the OIG, including cases related to improper billing under the Medicare and Medicaid programs, kickbacks, and compliance with corporate integrity agreement (CIA) obligations. The presence of another government enforcement team patrolling the healthcare industry means healthcare providers, as well as owners, executives, and managers, should re-evaluate their compliance program effectiveness in order to bolster their programs. This should include testing and improving ongoing monitoring and audit functions, and reviewing and updating compliance-related policies and procedures. With new timeliness standards for disclosing potential violations of laws and regulations, it is very important to ensure that internal investigations are initiated quickly and issues are resolved professionally at first sign of a problem. By taking these and other steps, providers can more effectively identify, mitigate, and manage their compliance risks.