On April 17, 2013, the Office of Inspector General of the Department of Health and Human Services (“OIG”) released an Updated Provider Self-Disclosure Protocol (“SDP”). The Updated SDP replaces OIG’s original Provider Self-Disclosure Protocol, published in the Federal Register in October 1998, and supersedes OIG’s related open letters from 2006, 2008 and 2009.
The Updated SDP reflects a number of important changes, described below.
Availability of the SDP
OIG clarified that the SDP is available to drug and device manufacturers, not just health care providers. Consistent with this clarification, throughout the SDP, OIG refers to “disclosing parties” rather than to “providers,” as had been the case in the 1998 Protocol and subsequent open letters.
OIG reiterated that disclosing parties may use the SDP even if they are already subject to a government inquiry, so long as the disclosure is made in good faith. In those cases (as it may do otherwise), OIG would coordinate with the Department of Justice (“DOJ”). Significantly, OIG stated that it “will advocate that the disclosing party receive a benefit from disclosure under the SDP” in any matter in which DOJ is involved.
Finally, OIG confirmed that the SDP is available for matters subject to civil monetary penalties under Federal criminal, civil, or administrative law, but not matters violating only the Stark Law, which must be processed through the CMS Self-Referral Disclosure Protocol, or that exclusively involve overpayments and errors, which remain subject to the voluntary refund process dictated by a provider’s or supplier’s local Medicare Administrative Contractor.
Relationship Between Identified Overpayments and the SDP
The Affordable Care Act required providers and suppliers to report and repay overpayments within 60 days of their identification. Last year, CMS issued a Proposed Rule to implement that requirement (see Ropes & Gray’s Alert, here). Although CMS has not finalized that rule, OIG indicated (i) that it expects self-disclosure under the SDP to satisfy a party’s compliance with the 60-day requirement and (ii) that a provider or supplier can toll the running of the 60-day time limit and avoid conversion of an identified overpayment into a potentially actionable claim under the False Claims Act by making a disclosure to OIG under the SDP. The initial submission does not need to include the complete findings from the provider’s or supplier’s internal review nor contain a calculation of overpaid amount, but the provider or supplier will have only an additional 90 days to complete these tasks or risk being rejected from the SDP.
OIG noted that providers and suppliers must also show “good faith willingness” to resolve all liabilities within the six-year Civil Monetary Penalties Law statute of limitations in order to be accepted into the SDP and deemed to satisfy the 60-day requirement.
Additional Requirements for SDP Submissions
To be eligible for the SDP, disclosing parties must complete an internal investigation within 90 days of their initial submission to OIG. Disclosing parties also must “acknowledge” that the conduct involves a potential violation of Federal criminal, civil, or administrative laws, and identify with specificity the laws potentially violated. OIG cautions that failure to make a clear acknowledgment will result in the rejection of a submission under the SDP.
Calculation of Damages
The Updated SDP provides a detailed methodology for calculation of damages from false billing, conduct involving excluded persons, and Federal Anti-Kickback Statute (“AKS”) violations.
For billing matters, OIG has incorporated sampling and extrapolation principles and requirements similar to those found in Corporate Integrity Agreements (“CIAs”). For conduct involving excluded persons whose services are not separately billed to Federal health care programs (e.g., a hospital’s employment of a nurse who has been excluded from participation in Federal health care programs), OIG will use the disclosing party’s total costs of employment or contracting during the period of exclusion (e.g. salary, fringe benefits and taxes), multiplied by the disclosing party’s revenue-based Federal health care payor mix for the relevant time period. For AKS violations, while OIG requires parties to calculate the claims affected by the violation, OIG indicated that civil monetary penalty damages generally will be compromised based on a multiple of the total amount of remuneration involved in the arrangement(s).
Significantly, OIG reaffirmed that its “general practice . . . is to require a minimum multiplier of 1.5 times the single damages,” although noted that it will “determine in each individual case whether a higher multiplier may be warranted.”
Resolution of a SDP Submission
Offering an incentive for self-disclosure, OIG reaffirmed its presumption against requiring parties who disclose noncompliance to enter a CIA, stating that, in the 235 cases settled through the SDP since 1998, only one settlement imposed ongoing integrity measures on a provider in exchange for a release of OIG’s permissive exclusion authorities.
Resolution through the SDP is not a fast process. Reflecting OIG’s heavy caseload, the Updated SDP advises that the average time for a pending case is twelve months from acceptance into the SDP. Also reflecting OIG’s own interest in reserving the SDP for more significant matters, OIG repeated its expectation of a $50,000 minimum settlement for AKS-related submissions, first discussed in the 2008 open letter, and added a $10,000 minimum settlement amount for all other matters resolved through the SDP.