Health Care, FDA and Life Sciences Client Alert: The Top 10 Things You Need to Know About the OIG's Revised Self-Disclosure Protocol

    18 April 2013

    On Wednesday, April 17, 2013, the Department of Health and Human Services’ Office of Inspector General (OIG) released an updated Self-Disclosure Protocol (SDP) governing the process by which health care providers can voluntarily identify, disclose, and resolve situations involving potential fraud involving a Federal health care program (FHCP), such as Medicare and Medicaid. This release builds on the initial SDP created in 1998, as well as additional guidance from OIG published in a series of open letters in 2006, 2008 and 2009.  The OIG decided to revise the SDP in its entirety, and the revised SDP supersedes and replaces the prior SDP and open letters. 

    As a practical matter, the newly released SDP does not fundamentally change the system for provider self-disclosures.  The OIG reaffirms that all health care providers, suppliers, or other individuals or entities who are subject to OIG’s CMP authorities, found at 42 C.F.R. Part 1003, are eligible to use the SDP.  The OIG also reaffirms that the SDP is available to facilitate the resolution of matters that, in the disclosing party’s reasonable assessment, “potentially violate Federal criminal, civil, or administrative laws for which CMPs are authorized.” 

    There are, however, several important new elements included in the SDP that will impact providers who are considering using the SDP. These new, key changes to the SDP include the following:

    1. Minimum Multiplier of 1.5: For the first time, OIG specifies that its “general practice is to require a minimum multiplier of 1.5 times the singles damages” in any given matter, which is lower than what would “normally” be required in a government-initiated investigation.  OIG also specifies that generally it applies the 1.5 multiplier to the amount paid by FHCPs and not to the amount claimed by the provider. The OIG states that the specific multiplier it uses will vary depending on the facts of each situation, and higher multipliers may be warranted in some circumstances.
    2. Requires Acknowledgement of Potential Violation: The OIG states that it will not accept any disclosing party into the SDP if the disclosure involves the Anti-Kickback Statute (AKS) (42 USC §1320a-7b) and/or the Stark Law (42 USC §1395nn) and the discloser fails to acknowledge clearly that the disclosed arrangement “constitutes a potential violation of the AKS and, if applicable, the Stark Law.
    3. Internal Investigations Must be Certified as Complete within 90 Days of Submission: OIG has always required providers utilizing the SDP to conduct an internal investigation and report findings as part of the SDP process. OIG now specifies that if a provider has not completed its investigation before it submits to the SDP, then the provider must certify that it will complete the investigation within 90 days of initial submission.  The OIG does not explicitly state that extensions will be granted if appropriate under the circumstances, or what it expects to happen if an investigation is conducted diligently but cannot be completed in 90 days due to the complexity of the matter or other reasonable circumstances.
    4. Providers Must Address Specific Factors in the Kickback Analysis: While OIG has always required providers to include a description of the conduct that is the subject of the disclosure, the new SDP emphasizes that providers must describe the “precise nature of the disclosed conduct” including a “concise statement of all details directly relevant to the disclosed conduct” and a “specific analysis” of why the disclosed conduct potentially violates the AKS and the Stark Law .

      OIG also lists the following as examples of the types of information it may find useful in assessing and resolving disclosed conduct involving the AKS and, if applicable, the Stark Law: (1) how fair market value was determined, and why it is now in question; (2) why required payments from referral sources, under leases or other contracts, were not timely made or collected, or did not conform to the negotiated agreement, and for how long such lapses existed; (3) why the arrangement was arguably not commercially reasonable (e.g. it lacked a reasonable business purpose); (4) whether payments were made for services not performed or documented, and, if so, why; (5) whether referring physicians received payments from Designated Health Service entities that varied with, or took into account, the volume or value of referrals without complying with a Stark Law exception; and (6) the corrective action taken and any safeguards implemented to prevent a reoccurrence.
    1. Process for Calculating Damages for Disclosures Involving the AKS and Stark Law: The new SDP provides a specific process for calculating damages in submissions that involve violations of the AKS alone or the AKS and the Stark Law. The submitter must calculate the total amount paid by FHCPs using as an estimate, the OIG’s specified methodology, or another reliable methodology, which must then be explained in the submission.  Disclosing parties also must specify the total amount of remuneration involved in an arrangement, regardless of whether a portion of that remuneration was not in violation of the AKS or Stark Law. OIG confirms that to resolve SDP matters involving the AKS it generally compromises its CMP authorities for an amount based on a multiplier of the remuneration conferred by the referral recipient to the individual or entity making the referral.  Submitters can argue, however, that a portion of the total remuneration should not be considered in calculating damages. OIG reiterates that it has discretion in determining the appropriate amount of damages that will be required to resolve the matter.
    2. Specific Instructions for Disclosures Regarding Excluded Persons:  In the prior SDP, OIG did not specifically address what information would have to be disclosed in reports regarding employment of, or contracting with, an excluded party. The SDP now includes a section detailing the requirements for such disclosures. Providers must disclose: (1) the identity of the excluded individual and any provider ID number; (2) the individual’s job duties; (3) the dates the individual was employed or under contract; (4) a description of any background checks completed before and/or during the time the individual was employed or under contract; (5) a description of the provider’s screening process and what led to the hiring or contracting with the excluded individual; (6) a description of how the situation was discovered; and (7) a description of corrective action taken.

      The new SDP also specifies how damages should be calculated in disclosures involving employment of, or contracting with, an excluded party. Where the items or services furnished, ordered or prescribed by the excluded individual were separately billed to a FHCP, the disclosure should specify the total amount claimed and paid by the FHCP. OIG notes that this approach will likely apply when the excluded party is a direct provider, such as a physician or pharmacist. In situations where the excluded party is providing items and services that are not separately billed to an FHCP, however, OIG acknowledges that calculating damages can be difficult.  For purposes of resolving SDP matters involving these non-separately-billable items or services, the OIG will use the disclosing party’s total costs of employment or contracting during the exclusion to estimate the value of the items of services provided by that excluded individual.
    1. $10,000 Minimum Settlement Amount for Non-Kickback Submissions: Consistent with the 2009 Open Letter to Health Care Providers, the new SDP specifies that, for kickback-related submissions, OIG will require a minimum settlement of $50,000, consistent with its CMP penalty authority. The new SDP announces for the first time, however, that, for all other matters, the minimum settlement amount will be $10,000, also based on OIG’s CMP penalty authority
    2. Tolling the Statute of Limitations: The new SDP specifies that the disclosing parties must agree to waive and not plead statute of limitations, laches or any similar defense to any administrative action filed by the OIG “relating to the disclosed conduct,” except to the extent that such defenses were available to the disclosing party on the date of submission.
    3. Advocating to DOJ for Benefits for Disclosing Parties: In the new SDP, OIG states that, in coordinating with DOJ in both civil and criminal matters, it will “advocate” that disclosing parties should receive a benefit from disclosing under the SDP. For civil matters, OIG will advocate for allowing the matter to be resolved “consistent with OIG’s approach in similar cases.”
    4.  CIAs Not Required to Resolve SDP Matters: OIG confirms its earlier statement in a 2008 Open Letter to Health Care Providers that it has a presumption against requiring Corporate Integrity Agreements (CIAs) as a condition for resolving SDP matters. In 2006, prior to implementing this policy in 2008, OIG required CIAs in 27 of the 136 self-disclosures that it resolved with a monetary payment. Since 2008, however, OIG has required specific integrity measures in only one of the 235 SDP matters that it resolved.

    The revised SDP clarifies a number of standing practices, and also makes new policy announcements.  OIG states in the SDP that it will not accept submissions involving only Stark Law violations without any AKS component to them.  Also, consistent with the February 2012 Notice of Proposed Rulemaking from the Centers for Medicare and Medicaid, OIG confirms that the provider’s obligation to report and return identified overpayments within 60 days is suspended if the submission to the SDP is timely made and OIG acknowledges receipt of the submission. OIG also indicates that it is making efforts to streamline its internal process for reviewing and resolving SDPs and states that the current average time between acceptance into the program and resolution is 12 months.

    Under the revised protocol, providers considering the SDP program will have more specific details to guide their submission, but will also face stricter requirements, such as the 90 day timeline for completing internal investigations.  Providers facing a potential disclosure should discuss whether the SDP process is available under any specific circumstances, as well as the benefits and risks of a potential self-disclosure, with counsel before invoking the SDP process.