Tips for using the OIG Provider Self-Disclosure Protocol.

The Department of Health and Human Services (HHS) Office of Inspector General (OIG) published the Provider Self-Disclosure Protocol (SDP) in 1998. The SDP provides a process for health care providers to voluntarily identify, disclose, and resolve self-discovered instances of potential fraud involving federal health care programs. The SDP also provides guidance on how to investigate this conduct, quantify damages, and make the disclosure to resolve the provider’s liability under the OIG’s civil monetary penalty (CMP) authorities.  Currently, the OIG reports an annual average of 100 SDP disclosures resulting in an aggregate settlement total approaching $100 million a year. The approximately 1,000 disclosures to date have resulted in federal health program recoveries nearing a half billion dollars. The OIG has acted upon three major categories for SDP settlements: false claims, employment of excluded individuals, and Stark Law and Anti-Kickback Statute (AKS) violations. A few Emergency Medical Treatment and Labor Act (EMTALA) cases are also resolved through the SDP each year. In 2016, false claims related SDP disclosures accounted for 40 percent of the total recoveries. Disclosures involving the employment of excluded individuals constituted a third of the recoveries. The balance of recoveries related to the Stark/AKS and EMTALA categories of SDP disclosures.

The OIG promotes several benefits of using the SDP. For example, in resolving an SDP matter, the OIG institutes a presumption against requiring a Corporate Integrity Agreement (CIA) as a condition of releasing the entity from federal health care program exclusion. Additionally, those who file the SDP and cooperate with the OIG during the SDP process will pay a lower CMP settlement amount than would normally be required in resolving a Federal Government-initiated investigation. Generally, the OIG requires a minimum multiplier of 1.5 times the single damages in CMP settlements of SDP matters. The OIG also states that the use of the SDP may mitigate potential exposure to Medicare or Medicaid related liability. Further, when the OIG reports receipt of a submission through the SDP, the OIG may suspend the obligation to report overpayments on the matter.

Once an organization makes the decision to submit an SDP, it must follow the SDP instructions carefully.  The failure to do so may lead to increased penalties. The OIG is very clear that they will act upon the information provided through the SDP; the SDP process is not an avenue to negotiate or litigate issues. The SDP guidance includes specifics regarding the types of SDPs to submit. The OIG has stated that organizations must not submit SDPs for errors or overpayments that do not potentially violate CMP laws. Additionally, organizations must not request an opinion on whether a potential violation exists. Further, the OIG is not interested in settlements under $10,000 or $50,000 in case of AKS. SDPs related to the AKS/Stark Law must acknowledge that the disclosed arrangement “constitutes a potential violation of those statutes”. Also, when disclosing the potential submission of false claims, the total amount of those claims must be presented. For matters involving the AKS, disclosing parties must also specify the total amount of remuneration involved in an arrangement, regardless of whether a portion of that remuneration was not in violation. Those referrals involving excluded individuals must include: (a) identification of the excluded parties; (b) any provider ID number; (c) their job duties (d) dates of their employment or under contract; (e) a description of any background checks completed before and/or during the time they were employed or under contract; (f) a description of the provider’s screening process; (g) circumstances leading to the engagement of the excluded individual; (h) a description of how the situation was discovered; (i) a description of corrective action taken; and (j) the total amount claimed and paid by the federal health care program for services of the excluded party.

Given the specificities required in the SDP, organizations should first establish the specific conduct being disclosed. Once the facts are known, a proper determination can be made as to the best manner to resolve the matter.

Expert advice for Compliance Officers regarding SDP submission includes the following:

1. Organizations should avoid disclosure until they have completed a thorough investigation.
2. Identify the potential laws violated at the time of disclosure.
3. In the initial disclosure or at settlement, organizations should not insist that fraudulent activity has not taken place.
4. If filing an SDP, organizations should agree to pay the multiplier determined by the OIG.
5. Entities should submit an SDP only if it involves an SDP solely for a Stark law violation.
6. Organizations should be prepared to accept the damages decided upon by the OIG.
7. Compliance Officers should ensure that damages are accurately quantified.
8. Organizations should cooperate fully after filing an SDP; issues should not be argued or litigated through this venue.

The OIG Provider SDP can be found at:

 https://oig.hhs.gov/compliance/self-disclosure-info/protocol.asp.