On April 18, 2016, Inspector General Daniel R. Levinson announced the publication of updated guidance on how the Office of Inspector General (OIG) makes decisions about using its permissive exclusion authority and requiring integrity obligations when presented with a False Claims Act (FCA) settlement. This document is noteworthy not only to defendants in FCA cases but also to the health care industry in evaluating their compliance program activities.
Section 1128(b)(7) Exclusion Authority
The permissive exclusion authority at issue, Section 1128(b)(7) of the Social Security Act (42 USC 1320a-7(b)(7)), is the authority that permits OIG to bring an exclusion action for conduct that could also be pursued under the FCA—namely false or fraudulent claims or anti-kickback or Stark law issues. Negotiating the resolution of OIG's 1128(b)(7) authority is generally part of the settlement process of FCA cases and formed the basis for why OIG developed corporate integrity agreements (CIAs) more than 20 years ago.
1997 OIG Guidance
OIG first issued guidance on the 1128(b)(7) authority in 1997, but the updated guidance is structured much differently than the 1997 notice. While both retain the "presumption" that a person would has defrauded the federal health care programs should be excluded, the 1997 notice contained general factors on how OIG made exclusion and CIA decisions but provided few clues on how the factors were valued against each other. The 1997 notice also only dealt with the binary decision between exclusion or CIA. Over time, this came to not reflect OIG's development of other options, such as "unilateral monitoring" by OIG or OIG choosing to not seek a CIA in certain cases and "reserving" the 1128(b)(7) authority by not providing a release in the settlement agreement. Further, OIG's elevated the importance of self-disclosure in the 2008 Open Letter and 2013 updated OIG Self-Disclosure Protocol, which created a "presumption" of not requiring integrity obligations in resolving self-disclosures, was not reflected in the 1997 notice.
New Guidance Summary
The new guidance articulates, for the first time, OIG's risk assessment "continuum" and all of the options OIG considers in evaluating individuals and entities along this continuum. These options are, in order of high-to-low risk: exclusion; "heightened scrutiny" which includes OIG's own monitoring efforts or referrals to CMS or CMS' contractors; a CIA; "reserving" the 1128(b)(7) authority with no further action; and, finally, releasing the 1128(b)(7) authority when the person self-disclosed the matter. The OIG explains in some detail the reasons it chooses among these options. For example, OIG explains that there are two reasons why it may decide to not seek a CIA in an FCA settlement and reserve its exclusion authority: 1) the absence of egregious conduct such as patient harm, intentional fraud or relatively low financial harm in proportion to the size of the provider; or 2) there is a successor owner of the provider. In deciding whether to require a CIA of the successor owner, OIG considers whether the new owner: 1) purchased the entity after the subject conduct occurred; 2) has a compliance program; 3) does not have a history of "wrongdoing or fraud settlements" with the United States; 4) took appropriate steps to address the predecessor's misconduct and reduce the risk of future misconduct; and 5) can demonstrate other facts and circumstances relevant to the OIG's decision-making.
The new guidance then discusses four broad categories of factors that OIG considers in making a risk assessment: nature and circumstances of the conduct, conduct during the investigation, significant ameliorative efforts and history of compliance. While the OIG states that it is making an assessment of future risk of participation in federal health care programs, the factors OIG uses to make this assessment mostly deal with past conduct, especially the alleged past conduct that the defendant is settling in the FCA case. The most future-oriented factor, "significant ameliorative efforts," is limited to whether appropriate disciplinary action was taken against responsible individuals; whether the entity devoted "significantly more resources to the compliance function" (presumably after the investigation began); or whether entity was sold to a third party or a licensed individual received additional training and mentorship.
Defense and Compliance Lessons
OIG has signaled a significant shift in its assessment of when it seeks a CIA in an FCA settlement with this new guidance. The greater transparency in this document as to OIG's decision making and priorities should prove helpful for defense lawyers in structuring their negotiations with OIG on the CIA issue.
With this new guidance, OIG is sending a broader message to the health care industry than to just FCA defendants. When the 1997 guidance was issued, the state of compliance programs was in its infancy. So, OIG's guidance was set up at that time to give credit to the rare provider that had begun the process of setting up a compliance program, even if the impetus for doing so was the government investigation that the provider was settling. Over the past 20 years, compliance programs have become universal among the health care sector, in no small part due to OIG's focus on encouraging providers to create and maintain compliance programs.
In 2016, having a compliance program is the expectation of the OIG, as well as US Department of Justice, Centers for Medicare & Medicaid Services, and potential buyers, investors and lenders. Inspector General Levinson summed up the agency's attitude when announcing the guidance as there are "no bonus points for having a compliance program.” At this point, OIG's goal has shifted from encouraging the creation of compliance programs to encouraging the operation of effective compliance programs. To OIG, effectiveness is measured in two ways: prevention and self-disclosure. When OIG faces a defendant in an FCA case, it believes that the compliance program may need further development and attention that a CIA would provide. For OIG "the goals of CIAs are to strengthen a person's compliance program and promote compliance so that future issues can be prevented or identified, reported, and corrected"—before the next relator's complaint is filed.