Corporate leadership should carefully consider the advantages and disadvantages of self disclosure before selecting a course of action.
Recently announced (April 15, 2008) changes to the U.S. Department of Health and Human Services Office of Inspector General (OIG) Provider Self Disclosure Protocol (SDP) provide health care providers and their executive and board leadership with important new options for resolving particular corporate compliance issues, including Stark violations, on favorable monetary terms and without the burden of an integrity agreement. These new changes were designed by OIG to facilitate cooperative self disclosure involving conduct under the Medicare, Medicaid and other federal health care programs. Corporate compliance officers, executive leadership and boards of directors should give close, good faith consideration to using the SDP when addressing circumstances reflecting potential violations of law. As with any form of self disclosure to a governmental agency, however, participation in the SDP carries with it certain risks and responsibilities, as generally discussed below. Accordingly, corporate leadership should carefully consider the advantages and disadvantages of self disclosure before selecting a course of action.
According to the OIG, the refined SDP requirements are intended to further promote the SDP process by improving its efficiency and to benefit providers that self disclose. In particular, the OIG has stated that providers that faithfully comply with the new refinements and clarifications will generally not be required to enter into Corporate Integrity or Certification of Compliance Agreements, and that monetary settlements in SDP cases would generally be “an amount near the lower end of the damages continuum.”
Refined SDP Requirements
The purpose of the SDP is to provide guidance to health care providers that seek to make voluntary disclosure of federal health care program compliance issues that the provider believes potentially violate federal criminal, civil or administrative laws for which exclusion or civil monetary penalties are authorized. OIG believes that the SDP has been an important component of the shared commitment to promote integrity in federal health care programs through effective corporate compliance programs.
In order to take advantage of the SDP, a provider must have made a good faith determination that the conduct in question involves potential fraud against the federal health care programs, as opposed to mere overpayments. Although one might question whether all Stark violations represent “fraud,” it is clear that Stark violations are among the difficult compliance issues that can be addressed effectively under the SDP. Refunds and disclosures relating to billing errors and overpayments that are not indicative of fraudulent conduct are expected to be submitted by the provider directly to the payment Medicare contractor rather than to the OIG.
The Provider Submission Process
In addition to the basic information historically required in an OIG disclosure, the revised guidelines require a provider to include the following:
- A complete description of the conduct being disclosed
- A description of the provider's internal investigation or a commitment regarding when it will be completed
- An estimate of the damages to the federal health care programs and the methodology used to calculate that figure or a commitment regarding when the provider will complete such estimate
- A statement of the laws potentially implicated by the conduct
Furthermore, the provider must be in a position to complete the investigation and damages assessment within three months after acceptance into the SDP (presumably, if not already completed by the time of the submission).
The Favorable Presumption
Most noteworthy of all of the SDP refinements adopted by the OIG is a new, explicit presumption in favor of not requiring the provider to enter into either a Corporate Integrity Agreement (CIA) or Certification of Compliance Agreement (CCA). This means that when OIG negotiates resolution of applicable Civil Money Penalty Law and permissive exclusion authorities in exchange for an appropriate monetary payment, it will generally not require a CIA or CCA. The presumption is applicable only to providers that have submitted a complete and accurate disclosure, respond promptly to OIG informational requests and have performed an adequate internal investigation of the underlying issues. The OIG believes that these three conditions are indications that the provider has already adopted effective compliance measures.
The OIG's new initiative is a significant development making voluntary participation in the SDP a much more attractive alternative than it has been in the past. The specific benefits of the new program include the following:
- The improved prospect of no integrity agreement, which otherwise can be an extraordinarily expensive and administratively challenging burden for the provider (not to mention the related public relations implications)
- A speedier resolution of the matter by OIG once the SDP requirements have been satisfied, enabling providers to put compliance matters behind them in a far more expeditious manner
- Meaningful credit from the OIG for substantial internal compliance audits and investigations performed by the provider (i.e., concrete benefits from the resources invested in internal audits and investigations)
Provider boards of directors, executive leadership and their legal counsel have historically struggled with the advantages and disadvantages of participating in the voluntary SDP program when facing challenging compliance issues, particularly regarding transactions of uncertain legality. Although these difficult issues are not entirely avoidable given the complexity of the regulatory schemes and legal requirements in health care, these significant changes in the SDP should make the decision to participate in the SDP considerably easier for providers with strong compliance and internal audit programs. Indeed, the improved prospect of avoiding integrity agreements, limiting potential damages and penalties, and speedy resolution of SDP matters within the OIG provides a greater incentive for the development or enhancement of provider compliance program activities and conducting appropriately robust internal investigations of identified compliance issues.
The OIG's new position can be seen, together with recent Internal Revenue Service (IRS) intermediate sanctions regulations, which also promise favorable regulatory treatment for organizations that identify and address problems through compliance programs before the IRS becomes aware of the issue, as a very favorable development supporting the corporate commitment compliance in the health care industry. Notwithstanding these SDP improvements, providers must be aware that, like prior versions of the SDP, the revised SDP does not include any guarantees regarding the resolution of a particular matter or the level of damages/sanction that will be recovered/imposed in a particular case. Depending on the underlying conduct, and possibly the handling of the SDP disclosures, OIG could decline to allow a provider to participate in the SDP and retains its authority to investigate matters independently and to refer matters to the U.S. Department of Justice. Finally, while jurisprudence regarding public disclosures is evolving, provider leadership must understand that resolution of a compliance issue under the SDP would not necessarily eliminate exposure under the false claims act.
Accordingly, even the revised SDP is not a “get out of jail free card.” To secure its benefits, providers will be expected to have conducted a thorough internal investigation and disclose their findings to the OIG. Failure to conduct a sufficiently robust investigation or to cooperate fully with the OIG would likely result in exclusion from the SDP process and further investigation of the matter by the OIG (and possibly other law enforcement). Failure to be forthright in disclosures under the SDP may also expose a provider to additional sanctions under various theories depending on the underlying issues and circumstances.
The OIG is serious about improving the efficiency of the SDP and enhancing its benefits for providers that actively seek to identify, investigate and voluntarily disclose unlawful conduct within their organizations, including issues arising under the Stark Law and anti-kickback statute. These revisions improve the viability of the SDP for resolving many problematic situations for providers, but successful handling of such issues requires careful analysis of the identified legal issues and thoughtful consideration by a provider’s compliance officer, other executive leadership and board of directors.