Section 6409 of the Affordable Care Act (ACA) requires the Secretary of Health and Human Services (HHS), along with the Inspector General of HHS, to develop a self-referral disclosure protocol (SRDP) for providers of services and suppliers to self-disclose violations of the physician self-referral statute. The ACA also grants the Secretary authority to reduce the payments due for violations of the self-referral statute when a provider selfdiscloses violations. On September 23, 2010, HHS released the SRDP, which may be found at the following web address:

The following provides summary highlights of the guidance document, as well as an overview of the SRDP process.

I. General Information about the SRDP

The SRDP is intended for the disclosure of matters, which in the reasonable assessment of the disclosing party are actual or potential violations, and may not be used to obtain a determination from the Centers for Medicare and Medicaid Services (CMS) as to whether an actual violation has occurred. In addition, providers already undergoing government inquiry may still use the SRDP process, although all disclosures must be made in good faith.

II. Cooperation with OIG and the DOJ

While the SRDP is limited to violations of the physician self-referral law, the Office of Inspector General’s (OIG’s) Self-Disclosure Protocol will remain available for all other violations of law. It is important to note that disclosures made under the SRDP may still be referred to law enforcement, OIG and/or the Department of Justice (DOJ).

For disclosing parties with corporate integrity agreements (CIAs) or certification of compliance agreements (CCAs) with the OIG, beginning September 23, 2010, all disclosures related to violations of the physician self-referral law must be made using this SRDP with a copy submitted to the disclosing party’s OIG monitor. Disclosing parties with a CCA or CIA should also comply with any other requirements set forth in the agreements.

III. Submission of the Disclosure

Disclosures must include (i) a description of the actual or potential violation, (ii) financial analysis information, and (iii) a certification. Below, please note the various requirements for each element of the submission.

Description of the Actual or Potential Violation

  • Name, address, national provider identification numbers (NPIs), CMS Certification Number(s) (CCN), tax identification number of the disclosing party, and name and address of the disclosing party’s designated representative (In instances where the disclosing party is owned, controlled or part of a system or network, the disclosing party must provide a diagram or description of the relationships along with names and addresses of the related entities);
  • A description of the matter being disclosed;
  • Statement of why a violation may have occurred (along with a legal analysis, the self-referral exception that applied and which elements were or were not met, and the potential causes of the incident or practice);
  • How the violation was discovered and steps taken to address it and prevent future abuses;
  • Statement of past conduct or other enforcement actions against the disclosing party;
  • Description of the pre-existing compliance program and its adequacy, as well as the measures taken to restructure the non-compliant relationship or arrangement;
  • Description of other notices of the violation provided to other federal agencies; and
  • Identification of other ongoing investigations and whether the disclosing party has knowledge that the violation is already under investigation by a government agency or contractor.

Financial Analysis Information

  • Amount (itemized by year) that may be due based on the “look back” period (i.e., the time that the disclosing party was non-compliant);
  • Description of how this amount was calculated; and
  • Summary of the auditing activity and the documents relied upon.


  • Signed certification by the disclosing party or the entity’s chief executive officer, chief financial officer or other authorized representative stating that, to the best of the individual’s knowledge, the information provided is based on a good faith effort and is truthful.

The information must be submitted electronically to In addition, the original and one copy should be mailed to the Division of Technical Payment Policy, ATTN: Provider and Supplier Self-Disclosure, Centers for Medicare and Medicaid Services, 7500 Security Boulevard, Mailstop C4-25-02, Baltimore, MD 21224.

IV. CMS Verification

Upon electronic submission of a violation, CMS will send a response email to acknowledge receipt of the disclosure. CMS will then begin verification of the disclosure submission and may request additional information. At least 30 days will be provided for the furnishing of this additional information. It is important to note that matters outside the scope of the disclosure may be pursued independently of the SRDP.

V. Factors Considered for Reduction of Payments

CMS may consider the facts and circumstances of each individual violation and determine whether a reduction is appropriate, although it is under no obligation to provide a reduction. CMS may consider the following factors when making this determination: (i) the nature and extent of the improper or illegal practice, (ii) the timeliness of the self-disclosure, (iii) the cooperation in providing additional information, (iv) the litigation risk associated with the disclosed matter and (v) the disclosing party’s financial position.

VI. Timing of Payments

Reporting and returning of overpayments must occur by the later of (i) the date, which is 60 days after the overpayment was identified; or (ii) the date any corresponding cost report is due, if applicable. The obligation to return an overpayment within 60 days will be suspended upon the disclosing party’s receipt of CMS confirmation that the disclosure has been received. This suspension will continue until a settlement agreement is entered, the disclosing party withdraws from the SRDP or CMS removes the disclosing party from the SRDP. While overpayments will not be accepted until completion of the inquiry, CMS encourages disclosing parties to place funds in an interest-bearing account.

If CMS consents, the disclosing party may be required to acknowledge in writing that receipt of payment does not constitute the government’s agreement as to the amount of loss, nor does it preclude other potential liabilities.

VII. Appeals

If a settlement agreement is entered into as a result of the disclosure, the disclosing party agrees that no appeal rights attach to the claims. Disclosing parties that withdraw or are removed from the SRDP may appeal overpayment demand letters.