Feds offering new break to wrongdoers who confess

New self-disclosure policy now in effect

The Office of the Inspector General’s (OIG) voluntary disclosure program has engendered a lukewarm response from providers since its launch in 1995. The OIG has decided to scrap the program and replace it with a new self-disclosure protocol, effective immediately.

The new protocol gives health care providers who uncover past or current billing problems an opportunity to essentially turn themselves in to the OIG. The understanding is that in return, the provider will avoid a lengthy investigation and prosecution in exchange for repaying any overpayments plus applicable fines, unless involved in overt and ongoing criminal activity.

"Although the protocol eliminates some of the problems with [the voluntary disclosure program], it is not a risk-free procedure for disclosing noncompliance," says Joan Dailey, an attorney in the Washington, DC, office of Reed Smith Shaw & McClay. "Health care providers should carefully consider the risks and benefits of voluntary disclosure under the protocol."

The good news is that "the OIG has created an expanded — and, in some ways, more flexible — successor to the program," says Dailey. All health care providers nationwide, regardless of industry, specialty, or type of service, are eligible to participate. In addition, the program is open to both corporate entities and individuals, and participants will not be automatically rejected if they are already the subject of an investigation.

"This protocol should prove more appealing to providers, because, according to the OIG, it contains no predisclosure requirements, applications for admission, or qualifying criteria," notes Dailey. "Moreover, there is no requirement that providers sign a written agreement with respect to their participation in the program, but the government expects good-faith disclosure and cooperation."

While the new disclosure protocol has its place, it may not be right for every situation, advise experts. For instance, "if a provider has received an overpayment through no fraud or fault of its own, a refund in the normal course of business may be more appropriate than using the protocol process," says Dailey.

For providers who are at fault in any way, "the protocol process may prove to be a viable mechanism for notifying the government and arriving at a palatable resolution," she says.

However, the OIG’s outline also advises that the protocol should not be invoked by a provider who discovers an "ongoing fraud scheme" within its organization. In such a case, "there is a substantial risk that the government’s subsequent investigation will be compromised." How the OIG defines "ongoing fraud scheme," however, is uncertain.

Another downside is that providers cannot expect confidential treatment of any of the information they disclose or other information gained by the OIG through its verification process.

Like many things in life, timing plays a critical role in determining whether or not a provider will receive favorable treatment by the OIG. For instance, based on the guidelines for the OIG’s compliance program, providers who report any possible wrongdoing within 60 days of discovery have the best chance to avoid being subject to a full-court legal press for being perceived to have acted in "bad faith."

To qualify for assessment of double damages instead of triple damages under the False Claims Act, a provider must report the noncompliance within 30 days of its discovery.

Full cooperation, however, does not mean you get a get-out-of-jail-free card for all activities.

"Even after good-faith disclosure and cooperation with the OIG, this does not guarantee that you can’t be excluded from the Medicare or Medicaid program, investigated for unrelated noncompliance discovered during disclosure, or prosecuted by another state or federal agency regarding the disclosed matter or disclosure of sensitive information," says Dailey.

If approved by the OIG’s assistant inspector general for investigative operations, the protocol says the OIG will generally agree, for a reasonable period of time, not to investigate the matter if the provider agrees to perform an internal investigation to determine the extent of the problem and how much money is involved.

The results of the internal review must be summarized in a written report certified by the provi der to be truthful and made in good faith. In general, the report must set forth the nature and extent of the noncompliance, as well as the circumstances under which the disclosed practice was discovered and the provider’s response to the matter. More specifically, the report must include such information as:

— potential causes of the practice;
— divisions, departments, and related entities involved or affected;
— the impact on and risks to the health and safety of patients and their quality of care;
— names of corporate officials, employees, or agents who knew of, should have known of, encouraged, or participated in the practice, and the names of individuals who detected the practice.

The amount of any related monetary damages over and above any improper payment will be based on the results of a self-assessment of how the provider says it responded once it discovered there was a problem. This information must include the chronology of investigative steps taken in connection with the internal investigation, including a list of the individuals interviewed and interview summaries, a description of the records reviewed, and a summary of audit activity. It also must include actions taken to stop the practice and prevent its recurrence, as well as a description of any disciplinary actions taken against the provider’s employees, officials, and agents.

Following protocol-provided guidelines, pro viders calculate the monetary impact of their noncompliance on the affected federal health care programs. While it does not have to accept this calculation, the OIG says it will give "substantial credibility" to those providers that faithfully followed its guidelines.