OIG Issues Revised Self-Disclosure Protocol

The Department of Health and Human Services Office of Inspector General (OIG) April 17 released a revised provider self-disclosure protocol (SDP), including new guidance on calculating penalty multipliers, reporting conduct involving excluded individuals, and reporting potential violations of the anti-kickback statute. The SDP establishes a process for providers to voluntarily identify and disclose potential cases of fraud involving federal health care programs, including “guidance on how to investigate this conduct, quantify damages, and report the conduct to OIG to resolve the provider’s liability under OIG’s civil monetary penalty (CMP) authorities,” the revised SDP said. Tony Maida, deputy chief in the administrative and civil remedies branch of OIG’s Office of Counsel, said OIG thought “it would provide more transparency to providers if we gave them specific guidance on some of the most common conduct we’ve received under the SDP.” OIG has resolved more than 800 disclosures in the past 15 years, according to the revised SDP. 60-Day Rule The revised protocol also addressed a proposed 60-day overpayment rule from the Centers for Medicare and Medicaid Services (CMS), contending that “the SDP may mitigate potential exposure” to the proposed rule’s overpayment requirements. The CMS proposed rule, released in February 2012, would require physicians to return an overpayment and “to notify the Secretary, State, intermediary, carrier or contractor to whom the overpayment was returned in writing of the reason for the overpayment,” all within 60 days of first identifying the overpayment. However, the proposed rule would suspend the 60-day obligation to return overpayments if OIG confirmed the receipt of a provider’s timely submission under the SDP. In return for a suspension of the 60-day obligation, “OIG expects disclosing parties to disclose with a good faith willingness to resolve all liability within the CMPL’s [Civil Monetary Penalties Law] six year statute of limitations as described in section 1128A(c)(1) of the [Social Security] Act,” the revised SDP said. OIG said it would provide additional guidance regarding the SDP and the 60-day rule after CMS releases a final rule. The first OIG provider SDP was published in 1998, and OIG has issued three open letters since then offering additional guidance. OIG released a notice in June 2012 calling on the public to provide recommendations for a revised protocol. Maida said there was strong support from commenters in favor of incorporating OIG’s original SDP and the three open letters into one document. Additional Guidance The revised SDP also provided guidance on how OIG calculates penalties for providers disclosing potential violations, noting that “we believe that individuals or entities that use the SDP and cooperate with OIG during the SDP process deserve to pay a lower multiplier on single damages than would normally be required in resolving a Government-initiated investigation.” Although OIG said the multiplier it uses may vary on a case-by-case basis, it said a common practice is to require a minimum multiplier of 1.5 times the single damages. OIG’s Maida said OIG has never articulated the 1.5 multiplier before. “We do think providers should pay some type of multiplier, but we also want to incentivize them to enter the SDP,” Maida said. Laurence J. Freedman, an attorney with Patton Boggs LLP, Washington, D.C., says that specifying the 1.5 multiplier is an indication from OIG that “providers do want some clear expectation of what their involvement with the SDP will entail.” In addition, OIG will require a minimum settlement of $50,000 to resolve any anti-kickback-related disclosures using the SDP and a minimum settlement of $10,000 for any other disclosures using the SDP. Overall, Freedman said the revised SDP offers more explicit guidance that reflects current practices. “It reiterates a commitment to having an efficient process, and reflects OIG’s more detailed thinking on how the process should work,” Freedman said. However, Freedman said the revised SDP still gives no indication of a Department of Justice endorsement of the SDP. OIG refers all disclosures of criminal conduct to DOJ, and while OIG will advocate to DOJ on behalf of the disclosing providers, DOJ is not bound by the SDP, Freedman said. Excluded Individuals The revised SDP also included specific guidance on how to disclose information about any conduct involving employees who are discovered to be excluded from participating in federal health care programs. Providers must include:

• The identity of the excluded individual;
• The excluded individual’s job description;
• The excluded individual’s dates of employment;
• Descriptions of any background checks performed on the employee before or during his or her employment;
• Descriptions of the employee screening process;
• A description of how the provider discovered the employee was an excluded individual; and
• A description of any corrective actions that were taken to ensure no excluded individuals are hired in the future.

Freedman said the new guidance “shows an emphasis on entities finding excluded individuals within their organizations and reporting them. It highlights provider expectation.” Potential Anti-Kickback Violations Additionally, OIG’s revised SDP provided guidance on information that may prove helpful in resolving disclosures related to potential violations of the anti-kickback statute “and, if applicable, the Stark Law.” The revised SDP included several examples of helpful information for providers to disclose, such as:

• How fair market value was determined;
• Why required payments from referral sources were not made or collected in a timely manner; and
• Whether payments were made for services that were never done or documented.

“OIG will not accept any disclosing party into the SDP that fails to acknowledge clearly that the disclosed arrangement constitutes a potential violation of the AKS and, if applicable, the Stark Law,” the revised SDP said.