Ann & Natalie’s Compliance Corner
Welcome back to Ann & Natalie's Compliance Corner! This month we report on recent updates to the Department of Health and Human Services Office of Inspector General’s (“OIG”) Provider Self-Disclosure Protocol. Missed last month’s discussion of the OIG’s evaluation of the legality of prompt pay patient discounts? Click here.
On April 15, 2008, the OIG issued an Open Letter to Health Care Providers (Letter) updating the requirements of its Provider Self-Disclosure Protocol (SDP), under which health care providers can voluntarily report violations of law. Since it was introduced in 1998, the SDP has offered guidance to health care providers seeking to voluntarily disclose health care compliance matters that potentially violate federal criminal, civil, or administrative law. Over the past decade the OIG reports that it has received 379 disclosures, with settlements totaling $118 million.
Until now, the OIG’s SDP framework allowed for voluntary reporting and subsequent resolution, but it usually resulted in the OIG imposing a monetary settlement, and often a Corporate Integrity Agreement (CIA), on the reporting party. Under this prior framework, there was also a general concern with the OIG’s advisory guidance that an SDP disclosure could lead to a referral to the U.S. Department of Justice.
While some of these concerns remain, Inspector General Daniel R. Levinson said that the OIG has streamlined its processes for resolving SDP cases. He further indicated that the organization is committed to enhancing the SDP program’s benefits for providers that actively seek to identify, investigate, and voluntarily report suspected illegal conduct and federal health care program abuses.
In a speech announcing the Letter, Levinson highlighted a significant revision to the updated SDP–the OIG’s decision to adopt a presumption against requiring a CIA.
The Letter indicates that “[a] provider’s submission of a complete and informative disclosure, quick response to OIG’s requests for further information, and performance of an accurate audit are indications that the provider has adopted effective compliance measures.” In these instances, the OIG will cooperate with providers to reduce monetary settlements to “an amount near the lower end of the damages continuum,” and will generally not impose Corporate Integrity or Certification of Compliance Agreements.
In addition to the favorable presumption against a CIA, Levinson outlined four additional submission requirements for reports filed under the updated SDP.
Previously, the SDP offered two options for self-disclosure: either a provider could disclose with basic information at the beginning of its own internal investigation, or a provider or supplier could choose to disclose by submitting more detailed information to the OIG after it had completed its internal investigation and self-assessment. According to the 2008 Open Letter, the OIG will no longer permit providers or suppliers to submit disclosures containing only basic information. All submissions must now include: a complete description of the conduct being disclosed, a description of the internal investigation or a commitment regarding when the investigation will be completed, a statement of the laws potentially violated, and an estimate of the federal health care program's damages (or a commitment as to when the estimate will be completed).
The OIG will now require practices to complete the internal investigation and self-assessment within three months after acceptance into the SDP. Practices that fail to conduct a sufficiently thorough investigation or who fail to comply with all of the OIG requirements will be excluded from participation in the SDP program, while the OIG will retain its authority to independently investigate the matter and/or to refer the matter to the U.S. Department of Justice.
The decision to voluntarily disclose requires consideration based on an analysis of each situation. By improving the likelihood that an entity will avoid a CIA, limiting monetary penalties, and committing to prompt and efficient resolution of issues, the OIG’s revisions may make participating in the program more appealing to organizations with strong, well-established Compliance and Internal Audit programs. Corporate leadership must carefully consider the risks and responsibilities associated with voluntary disclosure and determine on a case-by-case basis whether voluntary reporting under the SDP program is appropriate.
A copy of the SDP is available on the Web at: http://www.oig.hhs.gov/fraud/selfdisclosure.html or at 63 Fed. Reg. 5839 (Oct. 21, 1998).
Disclaimer: The content of Compliance Corner is for general informational purposes only and should not be interpreted as compliance guidance or advice. Consult your compliance advisor or attorney for compliance or legal advice on specific issues related to your practice or compliance program.
