The U.S. Government Accountability Office (GAO) released a report on May 10th characterizing over 10 years of corporate integrity agreements and integrity agreements (collectively, “Agreements”) entered into by the U.S. Department of Health and Human Services Office of Inspector General (“HHS-OIG”) with entities subject to HHS-OIG’s permissive exclusion authority. The report was requested by the Senate Committee of Finance due to concern that there was a lack of public information regarding HHS-OIG’s use of Agreements in enforcement.

The GAO report reviewed over 652 Agreements entered into between July 2005 and July 2017, and describes, among other things: 1) the circumstances leading to the use of Agreements; 2) standard provisions included in Agreements; 3) HHS-OIG’s methods for monitoring compliance with Agreements; and 4) enforcement by HHS-OIG in the case of noncompliance with the terms of Agreements.

Circumstances Leading to the Use of Agreements

When HHS-OIG is permitted to exercise its permissive exclusion authority, requiring the entity to enter an Agreement is one alternative to excluding the entity from participation in federal health care programs. In deciding what action to take, HHS-OIG considers the future risk posed by the entity to federal health care programs based on four broad criteria:

  • the nature and circumstances of the conduct;
  • the entity’s conduct during the government’s investigation;
  • whether the entity has made efforts to improve its conduct; and
  • the entity’s history of compliance.

The GAO found four main initial allegations that resulted in an entity entering into an Agreement with HHS-OIG:

  • billing for services not rendered;
  • provision of medically unnecessary services;
  • acts prohibited by the federal Anti-Kickback Statute (42 U.S.C. 1320a-7b); and
  • misrepresentation of services/products.

The fourth category encompasses a wide range of conduct, such as one case that included allegations that the entity provided improper remuneration and falsified a physician’s signature on laboratory requisition forms. Sixty-three percent of Agreements were based on only one initial allegation.

The GAO found that the number of new Agreements entered into each year decreased between July 2005 and July 2017, reflecting HHS-OIG’s effort to focus its enforcement resources on entities that present the highest risk of fraud. Since 2014, HHS-OIG’s monetary threshold for damages to federal health care programs that must be exceeded before it will pursue an Agreement has been $500,000 for small entities and $1,000,000 for large entities. Though this dollar value is referred to as a threshold, the GAO report points out that the value of damages is only one factor HHS-OIG considers, and the risk of beneficiary harm may also cause HHS-OIG to require an Agreement.

Standard Provisions Included in Agreements

The GAO evaluated six Agreement templates and a sample of 32 Agreements entered into after January 2010 to assess current trends in standard Agreement terms. The GAO found that Agreements contained:

  • Non-negotiable terms that HHS-OIG officials indicated are always included in all Agreements, including requiring the entity to hire a compliance officer, submit annual reports, and permit HHS-OIG access to the entity upon request;
  • Provisions common among all types of Agreements, including requiring the entity to engage an independent organization for certain reviews, or conduct education and training;
  • Terms unique to the type of Agreement. For example, corporate integrity agreements with large entities typically contained specific responsibilities for the entity’s board of directors and requirements for certain high-level employees to annually certify compliance with federal health care program requirements and the Agreement;
  • Terms that varied based on the nature of the conduct. For example, Agreements with entities whose alleged conduct involved impermissible kickbacks contained specific provisions to ensure compliance with the federal Anti-Kickback Statute; and
  • Provisions relevant to the industry of the entity subject to the Agreement. For example, Agreements with pharmaceutical manufacturers have required the manufacturer to submit any correspondence with the U.S. Food and Drug Administration that materially discussed the actual or potential unlawful or improper promotion of the manufacturer’s product.

HHS-OIG’s methods for monitoring compliance with Agreements

HHS-OIG assigns a monitor to each Agreement who oversees the entity’s compliance with the terms of the Agreement. Monitors may be a staff attorney or program analyst at HHS-OIG. Monitoring responsibilities include:

  • Reviewing the information provided in any required reports;
  • Providing assistance to help entities understand their integrity obligations;
  • Reviewing and responding to periodic correspondence regarding reportable events, required notifications, and other communications;
  • Drafting letters regarding identified non-compliance, including stipulated penalty demand letters that require the entity to pay a penalty for non-compliance; and
  • Conducting site visits to ensure compliance.

HHS-OIG conducted 211 site visits in connection with 155 Agreements entered into after 2010. Eighty-seven percent of site visits were to entities with CIAs, and the typical site visit lasted one to one-and-half days. Monitors select site visit locations based primarily on their concerns about a specific entity, as well as additional factors, like the type of provider, the size and complexity of the entity, length of the Agreement, and severity and complexity of the offenses that resulted in the Agreement. A site visit may consist of document review, meetings with certain personnel, and facility tours, among other activities.

Enforcement by HHS-OIG in the case of noncompliance with terms of Agreements

According to HHS-OIG, most entities comply with their Agreements. When there is non-compliance, HHS-OIG takes escalating steps to address the issue, including working with the entity to request additional information regarding the non-compliance and potentially excluding the entity from participation in federal health care programs. HHS-OIG also has the option to demand an entity pay stipulated penalties as set forth in the Agreement and/or send the entity a letter of material breach of the Agreement for, among other things, failure to respond to a stipulated penalties demand letter, repeated and flagrant violations of the Agreement, or failure to notify HHS-OIG of reportable events.

From July 2005 to July 2017, HHS-OIG sent out 10 material breach letters. In addition, HHS-OIG sent out 5 exclusion letters associated with Agreements with 4 entities, including 3 entities that had already received material breach letters. In the same time period, HHS-OIG sent out 41 stipulated penalty demand letters and collected $5.4 million in stipulated penalties. Demanded penalties ranged from $1,000 to over $3 million with a median of $18,000.

The GAO found that HHS-OIG entered into Agreements with 30 different types of entities in the period included in the review, but more than half of the Agreements were with individual and small group practices, hospitals, and skilled nursing facilities. Of the 652 Agreements included in the review, 619 also included a settlement agreement with the U.S. Department of Justice (DOJ). Though pharmaceutical manufacturers represented only 6 percent of the entities who entered into an Agreement with HHS-OIG, they accounted for 62 percent of the settlement amounts owed to the DOJ by those entities ($11.8 million of $19.2 million)