On September 23, 2010, the Centers for Medicare & Medicaid Services (CMS) published on its website the “Self-referral Disclosure Protocol” (SRDP), which has significant implications for healthcare providers. The complete SRDP is available here.1 The SRDP is required by Section 6409 of the Patient Protection and Affordable Care Act (PPACA). The SRDP sets forth a process that enables providers and suppliers to self-disclose actual or potential violations of Section 1877 of the Social Security Act, also known as the physician self-referral law and commonly referred to as the “Stark Law.”2 Importantly, the SRDP addresses issues that healthcare providers have struggled with for years when they discover a violation of the physician self-referral law.

The SRDP is open to all healthcare providers and suppliers, whether individuals or entities, and is not limited to any particular industry, medical specialty, or type of service. The fact that a disclosing party is already subject to a Government inquiry (including investigations, audits or routine oversight activities) will not automatically preclude a disclosure under the SRDP. Further, healthcare providers should note that the SRDP cannot be used to obtain a CMS determination as to whether an actual or potential violation of the physician self-referral law occurred. Importantly, the SRDP is separate from the CMS physician self-referral advisory opinion process and is intended to facilitate the resolution of only matters that, in the disclosing party’s reasonable assessment, are actual and potential violations of the physician self-referral law. CMS states that a disclosing party should make a submission to the SRDP with the intention ofresolving its overpayment liability exposure for the conduct it has identified.

SRDP in General

Important highlights of the SDRP include the following:

  • At the time a healthcare provider or supplier electronically submits a disclosure, the obligation under Section 6402 of the PPACA to return any potential overpayment within 60 days will be suspended until a settlement agreement is entered, the provider or supplier withdraws from the SRDP, or CMS removes the provider or supplier from the SRDP.
  • CMS is not bound by any conclusions made by the disclosing party under the SRDP and is not obligated to resolve the matter in any particular manner.
  • CMS will coordinate disclosures it receives from providers with the Department of Health and Human Services, Office of Inspector General (OIG) and the Department of Justice (DOJ) as appropriate. Importantly, conduct that implicates the Stark Law and the OIG civil monetary penalty (CMP) authorities regarding the anti-kickback statute should be disclosed through the OIG’s Self-disclosure Protocol and not through the SRDP.
  •  CMS cautions disclosing parties to make initial disclosure decisions carefully because CMS may review an SRDP submission and conclude that a referral to OIG and/or the DOJ is warranted.
  •  As a condition of disclosing a matter pursuant to the SRDP, disclosing parties must agree to drop appeal rights pertaining to claims related to conduct resolved through a settlement agreement at the close of the SRDP. If a settlement agreement is unattainable, the party would retain its appeal rights.

Voluntary Disclosure Submission Requirements

The disclosures made pursuant to the SRDP must be comprehensive and address all of the elements set forth in the SRDP, which include:

  •  The disclosure must be submitted electronically to CMS.
  •  The disclosure must include specific information related to the matter disclosed such as:
  •  Identifying information of the disclosing party
  • A description of the nature of the matter being disclosed, including the type of financial relationships, the parties involved, the specific time periods the disclosing party may have been out of compliance and the type of designated health service claims at issue
  •  The type of transaction or other conduct giving rise to the matter and the names of the entities and individuals believed to be implicated
  • A statement from the disclosing party regarding why it believes a violation of the physician selfreferral law may have occurred, including a complete legal analysis of the physician self-referral law to the conduct and any physician self-referral exception that applies to the conduct
  • The circumstances in which the disclosed matter was discovered and measures taken toaddress the issue and prevent future abuses
  •  A statement identifying whether the disclosing party has a history of similar conduct or has any prior criminal, civil and regulatory enforcement actions against it
  •  A description of the existence and adequacy of a pre-existing compliance program and all efforts to prevent a recurrence of the incident
  •  A description of appropriate notices, if applicable, provided to other government agencies in connection with the disclosed matter
  •  An indication of whether the disclosing party has knowledge that the matter is under current inquiry by a government agency or contractor and a description of the inquiry; the disclosing party must also disclose whether it is under investigation or other inquiry for any other matters relating to a federal healthcare program
  • The disclosure must contain a comprehensive financial analysis.
  •  The disclosing party or an appropriate officer of the disclosing party must certify that the submission is truthful and based on a good-faith effort to resolve any potential liabilities under the physician selfreferral law.

CMS will verify the submission, including requesting additional information and requiring cooperation from the disclosing party to provide information that may be subject to the attorney-client or attorney work product privileges. CMS notes that the extent of its verification effort will depend, in large part, upon the quality and thoroughness of the submissions received.

Payments, Cooperation and Factors Considered in Reducing the Amounts Owed

CMS will not accept payments of presumed overpayments determined by the disclosing party prior to the completion of CMS’s inquiry because of its interest in verifying the information provided by a disclosing party. The SRDP encourages the disclosing party to place the funds in an interest-bearing escrow account to ensure adequate resources have been set aside to repay amounts owed.

If a disclosing party is subject to a corporate integrity or certification of compliance agreement with the OIG, the party must continue to comply with any disclosure of reportable event requirements under such an agreement. However, if a reportable event solely relates to a Stark Law issue, the disclosure should be made under the SRDP with a copy to the OIG.

Throughout the entire disclosure process, the disclosing party’s diligence and good faith cooperation is essential. If a disclosing party fails to work in good faith with CMS, CMS will consider the lack of cooperation when it assesses the appropriate resolution of the matter. Further, if a disclosing party provides false or misleading information, or intentionally omits relevant information, CMS may refer the matter to the DOJ or other appropriate agencies.

The SRDP sets forth factors that CMS may consider in reducing amounts otherwise owed:

  • The nature and extent of the illegal or improper practice;
  • The timeliness of the self-disclosure;
  • The cooperation of the disclosing party in providing additional information;
  •  The litigation risk associated with the disclosure; and
  •  The financial position of the disclosing party.

Further, CMS will make determinations on an individual, facts and circumstances basis for each disclosure.


The SRDP does not address all questions that providers may have regarding self-referral disclosures (eg, SRDP does not address how CMS will handle technical violations such as expired agreements or missing signatures). However, the SRDP does provide healthcare providers with a summary of its requirements for disclosing violations of the physician self-referral law. Because of the risks associated with making the disclosure, it remains to be seen whether the SDRP will be utilized by providers with any frequency. Regardless, it highlights the need for healthcare providers to review physician agreements and assess their compliance with the physician self-referral law.