On July 13, 2017, the Department of Justice ("DOJ"), in conjunction with the Department of Health and Human Services ("HHS"), continued its annual tradition of coordinating the filing of charges and sweeping arrests in nationwide, unconnected, health care fraud prosecutions. This latest roundup involved charges against 412 defendants, across 41 federal districts (30+ states), and accusations that the defendants defrauded taxpayers of approximately $1.3 billion.[1] The round-up included multi-defendant targets in Texas, New York, Florida, Michigan, California, Illinois, Louisiana, Connecticut, and Virginia, and other states.

This year's round-up was described as the "largest health care fraud enforcement action in Department of Justice history."[2] While the scope may be unprecedented, the large scale health care fraud enforcement, including hundreds of coordinated arrests, was not. In 2007, DOJ and HHS launched the Medicare Fraud Strike Force, designed to combat Medicare and other health care fraud through advanced data analysis and the coordination of Federal, State, and local law enforcement entities. Since its inception, the Strike Force has annually announced a major healthcare fraud takedown.[3] According to the Office of the Inspector General of HHS, prior to the recently announced sweep, the Strike Force had resulted in thousands of indictments regarding schemes which defrauded taxpayers of billions of dollars.[4] As data analytics improve and DOJ, HHS, the FBI, and other state and local enforcement agencies become increasingly familiar with novel, aggressive and/or creative business practices prevalent in the health care industry, we can expect the Strike Force to continue its annual enforcement tradition. In fact, Attorney General Jeff Sessions warned that while this year's takedown was "a historic day, the Department's work is not finished. In fact, it is just beginning. We will continue to find, arrest, prosecute, convict, and incarcerate fraudsters and drug dealers wherever they are."[5]

During public comments addressing this year's strike, Sessions focused on the opioid epidemic, noting that over 120 defendants were charged with crimes related to the distribution of opioids and other dangerous narcotics, including through fraudulent, unnecessary prescription writing and cash for prescription schemes. However, while opioids were a major talking point, a majority of the cases in the round-up involved other types of alleged fraud, including kickbacks for beneficiary referrals, fraudulent billing to Medicare, Medicaid, and TRICARE for unnecessary procedures or treatments/services never provided, money laundering related to false or unnecessary billings, wire fraud, and embezzling funds from a medical office. This health care strike focused broadly on doctors, nurses, pharmacists, and other medical professionals.

Examples include:

  • In the Southern District of Mississippi, the co-owner and pharmacist in charge of a compounding pharmacy and a marketer for the pharmacy were charged with conspiracy to commit health care fraud and money laundering for their roles in seeking approximately $192 million in reimbursements from TRICARE and other benefit programs for compound topical creams.[6] The pharmacist allegedly failed to collect patient copayments for the creams or paid the copayments on behalf of the patients, in order to seek reimbursement. The marketer allegedly solicited physicians and other medical professionals to write prescriptions for the compound topical creams, at times without even seeing the patients, and then would falsify patient records to cover-up the scheme.
  • In the Eastern District of New York, 10 individuals were arrested, including doctors, therapists, a chiropractor, and medical company owners.[7] In particular, five health care professionals were indicted for conspiracy to commit health care fraud, wire fraud, and related tax charges, for their roles in a scheme where illegal kickbacks were paid for referrals of patients to their clinics. The group allegedly billed the Medicare program approximately $100 million during the course of the conspiracy. Another individual in the Eastern District was charged with health care fraud, engaging in an illegal kickback scheme, conspiracy to commit money laundering, and conspiracy to obstruct the lawful functions of the IRS, for operating numerous clinics across Brooklyn where patients were acquired by paying bribes and kickbacks to beneficiaries, including to Brooklyn-area ambulance drivers, and then subjecting the patients to unnecessary tests.[8]
  • In the Northern District of Texas, four individuals were charged for their role in a fraud scheme which involved unnecessary and improperly prescribed toxicology and DNA cancer screening tests, which resulted in $36 million in improper billing to TRICARE.[9] The prescribed tests were either not legitimately prescribed, not needed by the patients, not provided as billed, or were the result of kickbacks. Allegedly, the scheme involved giving Wal-Mart gift cards in exchange for specimens which could be tested and billed to TRICARE, using signature stamps to add doctor signatures to testing orders, and then placing false diagnosis codes on the TRICARE submissions. The defendants face up to five years in federal prison.
  • In the Southern District of Texas, a former laboratory technician at a medical clinic and an account representative for a toxicology testing company were indicted for conspiracy to commit health care fraud, health care fraud, and aggravated identity theft for a scheme which resulted in Medicare billings of approximately $836,788.[10] The two individuals allegedly established an account between the medical clinic and toxicology company, and then misappropriated patient specimens from the medical clinic to the toxicology company without the consent of the patient or doctor, allowing the two individuals to collect commissions and collection fees from the toxicology testing company. In furtherance of the scheme, allegedly false medical records were created. Also in the Southern District of Texas, a physician and the owner of a clinic were indicted for conspiracy to distribute and dispense controlled substances and three counts of distributing and dispensing controlled substances.[11] These two individuals were involved with a pain management clinic that provided medically unnecessary prescriptions in exchange for cash. The clinic was one of the highest prescribing hydrocodone clinics in Houston, seeing upwards of 60-70 patients daily.
  • In the Middle District of Florida, a former sales rep for a biopharmaceutical company was charged with conspiracy to violate the anti-kickback statute, to commit mail fraud, and to commit health care fraud for billing Medicare Part B as if an entire "Dermagraft" was used for each patient, when in reality the company would divide a "Dermagraft" among multiple patients.[12] In addition, the sales rep is also charged with providing free medical supplies and samples, meals, and other consumables, as well free medical office procedures and services as kickbacks. Also in the Middle District of Florida, a podiatrist was charged with health care fraud and is now facing a potential ten year prison sentence and restitution of $1.5 million for false diagnosis and false billing codes used to defraud Medicare and TRICARE.[13] The podiatrist allegedly would bill Medicare for "removal of skin and muscle" when in reality he was performing routine foot care, such as toenail clipping, which are not reimbursable services.

These are just a few examples of the types of cases announced in this year's takedown.

In light of the broad variety of conduct and business practices that are the subjects of the myriad charged cases discussed above, private health providers should scrutinize and review their compliance plans, practices and procedures. An effective compliance program is the foundation for managing people, resources, contracts, operations, and business practices with an eye towards limiting, detecting and remediating misconduct – and avoiding enforcement actions like the ones brought last week. To put it another way, a failure to plan for compliance is a plan for compliance failure.

And although compliance efforts require an allocation of resources, the consequences for compliance failures under the Anti-Kickback Statute, the Stark Law, and the False Claims Act – each of which regulate federal funding of health care – can be catastrophic, as illustrated above: millions of dollars in fines, revocation of eligibility to participate in federal health care programs, and criminal liability – for individuals and for organizations. Those are potentially enterprise-ending consequences.

Establishing an effective compliance plan that addresses an organization's operations, policies, practices, documentation and contractual arrangements often starts with a critical self-assessment and leads to the development of a regular protocol, procedure, and systems for ensuring compliance on an ongoing and long-term basis. Ethical leadership and due diligence – which enable good results – are by design. And because criminal liability is potentially implicated in enforcement actions, the United States Sentencing Commission published guidelines – which have been modified and adopted by the Office of Inspector General (OIG), an agency of the United States which is involved in regulating federal funding of health care – which underscore that successful compliance depends upon precisely that kind of diligence. These guidelines are a useful starting point for such a discussion of best practices – and for instituting a program and long-term plan for ongoing compliance. These guidelines include:

  • The development and distribution of written standards of conduct, as well as written policies and procedures that promote the hospital's commitment to compliance (e.g., by including adherence to compliance as an element in evaluating managers and employees) and that address specific areas of potential fraud, such as claims development and submission processes, code gaming, and financial relationships with physicians and other health care professionals;
  • The designation of a chief compliance officer and other appropriate bodies, e.g., a corporate compliance committee, charged with the responsibility of operating and monitoring the compliance program, and who report directly to the CEO and the governing body;
  • The development and implementation of regular, effective education, and training programs for all affected employees;
  • The maintenance of a process, such as a hotline, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation;
  • The development of a system to respond to allegations of improper/illegal activities and the enforcement of appropriate disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations or Federal health care program requirements;
  • The use of audits and/or other evaluation techniques to monitor compliance and assist in the reduction of identified problem area; and
  • The investigation and remediation of identified systemic problems and the development of policies addressing the non-employment or retention of sanctioned individuals.[14]