OIG Issues 2013 Guidance On Provider Self-Disclosure Protocol

Charged with protecting the integrity of federal healthcare funds, the U.S. Department of Health and Human Services’ Office of the Inspector General (OIG) has allowed parties in violation of the law to self-report their actions under its self-disclosure protocol (SDP) as a method of policing federal health program fraud. Issued on April 17, the updated Provider Self-Disclosure Protocol replaces OIG’s previous guidance on the SDP and follows on the heels of OIG’s request for public comment on revising the SDP to be more user-friendly for healthcare providers.

OIG’s Previous Guidance And The SDP To Date

Initially designed to provide healthcare providers working with federal healthcare programs the opportunity to self-report potential fraud, disclosure under the SDP sought to expedite resolution of such matters by permitting the providers themselves to undertake the bulk of the investigative burden. The SDP delineates the specific elements that disclosing parties must include in their report and gives disclosing parties the opportunity to avoid the costs associated with government-directed investigations or civil or administrative actions. Benefits of the SDP from the provider standpoint may include a speedy resolution of the matter, imposition of a lower multiplier for calculating damages or an exclusion release without the obligation of a corporate integrity agreement. OIG determines whether to grant these leniencies, if any, on a case-by-case basis. The SDP has proven successful, depending on one’s point of view, over the course of its roughly 15-year existence, as the program has aided in the resolution of more than 800 disclosures and resulted in recoveries of more than $280 million to federal healthcare programs. OIG’s 2013 guidance supersedes and replaces its previous guidance on the topic, including its 1998 Federal Register Notice and the three Open Letters to Health Care Providers in 2006, 2008 and 2009.

OIG’s Updated Guidance

While the updated SDP guidance preserves many aspects of the previous SDP system, the guidance makes several interesting clarifications. Notably, the updated guidance provides that self-reporting parties will likely not need to enter into corporate integrity agreements with OIG. Further, OIG’s new guidance seeks to expedite the SDP process by requiring disclosing parties to complete internal investigations surrounding the matter within 90 days of submitting the matter to OIG, as opposed to within 90 days of OIG’s acceptance of the matter for review. Additionally, OIG notes that it will coordinate with the Department of Justice and the Centers for Medicare & Medicaid Services to resolve criminal and civil liability under those agencies’ statutory mandates. Other major elements of OIG’s updated SDP guidance are discussed below.

Parties And Conduct Eligible For Reporting Under SDP

Generally, the SDP is available to facilitate the resolution of matters that potentially violate federal criminal, civil or administrative laws for which civil monetary penalties are authorized. As a self-reporting system, the SDP allows disclosing parties to report only their own conduct; however, successor liability may be implicated when mergers or acquisitions are involved. A key element of the SDP is that the disclosing party must acknowledge that the conduct is a potential violation of the law and must explicitly identify the specific laws that were potentially violated. Further, the disclosing party must agree to waive any statutes of limitation, laches or other similar defenses to any resulting administrative action filed by OIG relating to the disclosed conduct. In addition, prior to disclosure, the party should generally make sure that the conduct reported within the SDP has ceased and take steps to ensure that corrective action is taken.

Types Of Information To Be Included In All Disclosures

Disclosures made pursuant to the SDP must include information responsive to 11 discrete categories, including, but not limited to:

  • a concise statement of all details relevant to the conduct disclosed;
  • a statement of the federal criminal, civil or administrative laws that are potentially violated by the disclosed conduct;
  • the federal healthcare programs affected by the disclosed conduct;
  • an estimate of the damages; and
  • a description of the party’s corrective action taken on discovery of the conduct.
Conduct Involving False Billing

When reported conduct involves the submission of improper claims to federal healthcare programs, the disclosing party is required to estimate the improper amount paid by the federal healthcare program. This estimate may be based on either a tally of all the claims affected by the matter at issue or a statistically valid random sample of claims, which will then be used as a basis for estimating overall damages of the entire claims population impacted by the reported conduct. Additional requirements are applicable for SDP reports based on sampling.

In addition to providing an estimate of damages, a disclosing party that is self-reporting false billing must include all of the following information in its report:

  • detail regarding review objectives;
  • descriptions of the population/group of claims affected by the false billing;
  • the sources of data;
  • the qualifications of the personnel conducting the review; and
  • the characteristics being measured.
Conduct Involving Excluded Persons

When reporting violations of the law involving the employment of or contracting with individuals who appear on OIG’s List of Excluded Individuals and Entities, disclosing parties must ensure that all self-reports contain the following information:

  • the identity of the excluded individuals;
  • the duties performed by those individuals;
  • the dates of the employment or relationship;
  • a description of the disclosing party’s screening process for employees or contractors; and
  • a description of the steps taken for corrective action to prevent future hiring of excluded individuals.

Further, the disclosing party must screen all other current employees to ensure that the organization does not employ or contract with other excluded individuals. With regard to calculating the damage to federal healthcare programs due to a disclosing party’s involvement with an excluded party, OIG provides guidance that distinguishes between procedures to be used when billing associated with the excluded individual may be itemized versus global billing situations in which it is difficult or impossible to analyze individual items.

Conduct Involving The Anti-Kickback Statute (AKS) And The Stark Law

Self-disclosures involving potential violations of the AKS and the Stark Law must contain certain data elements. First, the disclosure must clearly acknowledge that the party believes the matter constitutes a potential violation of the AKS and/or the Stark Law. The statement must be clear and straightforward and contain no conditional or mitigating language. The description must also include a concise statement of the relevant details and a specific analysis of the reason each disclosed arrangement potentially violates the AKS and the Stark Law. Further, the disclosure should include a description of the parties’ relationships with each other, payment arrangements, and the context and features of the arrangement that raise potential liability. When calculating damages, the parties should include the total amount of remuneration involved in each arrangement, but they may explain why they believe that certain portions of the remuneration should not be excluded from OIG’s calculation of a settlement amount.

Minimum Settlement Amounts

Although OIG does not demand admission of liability in settlement agreements, disclosing parties should nevertheless expect to pay above single damages. OIG’s general practice is to require a minimum multiplier of 1.5 times the actual damages. Further, OIG imposes minimum settlement amounts under the SDP ranging from a minimum of $50,000 for an AKS-related submission to a minimum of $10,000 for all other submissions.

SDP’s Interaction With The “60-Day Rule”

Under the 60-Day Rule, all providers are obligated to report and return to Medicare and Medicaid any overpayments within 60 days following the date the overpayment was identified or the date any applicable corresponding cost report is due, whichever is later. OIG states that a return of an overpayment pursuant to the 60-Day Rule that is subsequently linked to the same or similar conduct disclosed under the SDP will result in OIG crediting the amount paid under the 60-Day Rule toward the ultimate settlement amount under the SDP.

Providers must take note of OIG’s new guidance when deciding whether to disclose under SDP. OIG’s full Provider Self-Disclosure Protocol is available at To discuss the guidance’s impact on your organization, please contact Douglas A. Grimm, FACHE, at 215.564.8539.

Published .