A Tale of Medicare Fraud: U.S. v. St. John

By Tobin Klusty, DePaul University College of Law

Many Medicare fraud schemes have been identified across the country in recent years. A recent Fifth Circuit Court of Appeals case, U.S. v. St. John, dealt with an elaborate scheme to use home health care services to submit fraudulent Medicare claims. Ultimately, the Fifth Circuit affirmed the defendants’ conviction.

Two types of Medicare service providers are relevant here: home-health agencies (HHAs) and physician house-call (PHC) companies. HHAs provide home health care to Medicaid beneficiaries confined to the home, otherwise labeled “homebound.” A beneficiary is considered homebound if his or her condition: (1) keeps the beneficiary from leaving home without aid; (2) makes leaving home require considerable and taxing effort; and (3) causes a physician to recommend that the beneficiary does not leave the home.

Similarly, PHC companies provide primary care and certify patients as homebound. A physician certifies a Medicare beneficiary as homebound through use of the CMS-485 Form and then normally refers that patient to an HHA for care. PHC companies must spend 30 minutes or more on a patient’s Care Plan Oversight (CPO) to receive Medicare reimbursement for the physician’s services. Additionally, a nurse or physician assistant may perform a CPO under the signing physician’s supervision.

In St. John, the defendants—a father and son—owned a PHC company named “A Medical.” The company’s fraudulent scheme centered on their unique relationship with HHAs; rather than A Medical classifying patients as homebound then referring them to HHAs, HHAs referred patients to A Medical in return for A Medical’s “near-certain” homebound certification. This process increased the company’s patient volume, which led to higher reimbursements under Medicaid for provided services. In addition, the company submitted claims for CPOs without fulfilling the thirty minute time requirement.

The defendants were convicted of conspiracies to commit health care fraud and thirteen counts of health care fraud. The district court found that the defendants’ intended loss to Medicare was about $11.2 million with an actual loss to Medicare over $9.6 million. The father was ordered to pay about $9.6 million in restitution while the son was ordered to pay $8.6 million. The defendants’ appealed the conviction to the Fifth Circuit.

The Fifth Circuit decided whether the intracorporate conspiracy doctrine applied to criminal conspiracy cases. The intracorporate conspiracy doctrine states that an agent’s acts are those of the corporation and that corporations cannot conspire with themselves. The doctrine’s purpose was to enable corporations to “[pool] resources to achieve social benefits” and “require a corporation to bear the costs of its business enterprise” against tort liability.

The Fifth Circuit held that the intracorporate conspiracy doctrine did not apply to criminal cases. The court reasoned that extending the rule to criminal cases would not serve either purpose for the doctrine’s use in civil cases. Further, conspiracy liability is designed to limit “group danger,” which a group within a corporation naturally creates.

The second issue was whether the defendant’s “willful” Medicare fraud requires the defendant had actual knowledge of the violated provision. Normally, ignorance of a law is not a legitimate defense to a criminal charge. However, the Supreme Court provided an exception for complex and technical statutes where a person’s “apparently innocent conduct” is criminalized. The health care fraud statute provides “a person need not have actual knowledge of this section or specific intent to commit a violation of this section.”

The Fifth Circuit held that the jury instruction for “willfully” should not require actual knowledge. The court reasoned that the statute’s plain language dismisses the need for actual knowledge. Therefore, the statute’s complexity cannot support an ignorance defense.

Thirdly, the Fifth Circuit decided whether the intended and actual loss calculations properly included the HHA Medicare claims and whether those calculations should be reduced by the legitimate services A Medical provided. Conduct causing financial loss relevant to the “common scheme” of the fraud charged may be included in intended and actual loss calculations. The defendants bear the burden of proving the amount of legitimate services when separating legitimate services from fraudulent conduct “is not reasonably practicable.”

The Fifth Circuit affirmed the court’s calculations, holding that the HHA Medicare claims were properly included as losses. The Fifth Circuit reasoned that the HHA claims were relevant conduct because they were a part of the company’s scheme to make fraudulent claims to the federal government. Next, the court held that the district court did not err in reducing the calculated losses by the legitimate services provided since the company’s fraudulent conduct was too pervasive to be reasonably practicable to separate it from legitimate services provided.

Lastly, the Fifth Circuit decided whether restitution damages could only be based on allegations explicitly mentioned in the indictment. Under the Mandatory Victims Restitution Act, restitutions are limited “to the actual loss directly and proximately caused by the defendant’s offense of conviction.” The actions alleged in the indictment define the underlying scheme to defraud the government. Further, the government may award restitution damages pursuant to a fraudulent scheme. Since it requires proof of a fraudulent scheme, a health care fraud conviction can support broad restitution awards.

The Fifth Circuit again affirmed, holding that the restitution award properly included loss pursuant to the company’s fraud scheme though the loss was not specifically mentioned in the indictment. The court reasoned that the HHA Medicare claims were an integral part of A Medical’s scheme to defraud the government. Further, the indictment references the exact conduct that the defendants claim was omitted: certifying patients as homebound to make them available for home health services. Thus, A Medical certified the patients knowing that the HHAs would then make fraudulent claims.

Overall, United States v. St. John provides useful insight into the complexity of Medicare fraud. Further, it illustrates how monetary motivations may lead to unethical corporate behavior. But the Affordable Care Act, through HHS, has increased efforts to stop health care fraud. After all, fraudulent claims drive up health care costs—something the United States certainly does not need.

Tobin Klusty is a second year law student at DePaul University College of Law. Tobin is a fellow of the Jaharis Health Law Institute at DePaul; a case brief staff member on the Institute’s online publication, E-Pulse; and a staff writer on the DePaul Health Care Law Journal. His research focuses on the intersection of health care and civil rights. Tobin will be competing as a member of the DePaul National Trial Team in Spring 2016.

Overview: The Transparent Ratings on Usability and Security to Transform Information Technology Act of 2015

By Lana Smith, DePaul University College of Law

As technology becomes more integrated in health care, some individuals and organizations are calling for better regulations of health information technology (HIT) systems. On October 6, 2015, U.S. Senators Sheldon Whitehouse (D-RI) and Bill Cassidy (R-La) answered the call by introducing bipartisan legislation to strengthen accountability and improve transparency in HIT. Submitted as the Transparent Ratings on Usability and Security to Transform Information Technology (TRUST IT) Act of 2015, the TRUST IT Act is meant to be consumer-facing support for health care organizations selecting an electronic health records system (EHRs).

Currently, EHRs must be certified in order to qualify for an incentive program with CMS and the Office of the National Coordinator for Health Information Technology (ONC). The incentive program requires EHR technology to give assurances to purchasers and users that the EHR system offers the necessary technological capability, functionality, and security to meet meaningful use criteria. Although certification offers some guarantees, Whitehouse and Cassidy created the TRUST IT Act since they believe “there is no way to ensure health IT continues to deliver as promised for doctors and patients, and no way to easily compare one product to another.”  The TRUST IT Act would establish safeguards so certified HIT systems do not underperform on their promised outcomes, and would also allow consumers to compare different HIT products based on the system’s performance.

To enable transparency in the market, the TRUST IT Act creates a rating system that would evaluate the performance of certified HIT in the areas of security, usability, and interoperability. The rating system would be promulgated as a star rating: three stars signifying excellence, two stars equaling satisfactory performance, and one star being less than satisfactory. The rating system would be published on the ONC website, and developed through a transparent stakeholder input process. For vendors who had received a one-star rating, the Secretary of HHS would create a corrective action plan. Any failure by the vendor to improve their status in the timeframe designated by the corrective action plan could result in the decertification of the vendor’s technology.

The rating system would be overseen by a development council including one representative from each of the accredited HIT certifying bodies and testing laboratories, and one representative from the ONC. Reporting criteria for the vendors to establish a rating would be required, and the council would create the reporting criteria within one year of the TRUST IT Act’s enactment. As written, the TRUST IT Act proposes to evaluate the areas of security, usability and user-centered design, interoperability, conformance to certification testing, and other categories as appropriate to measure the performance of HIT. The public would have a 60-day comment period to speak on the reporting criteria and methodology prior to the issuance of the final rule.

Additionally, the TRUST IT Act would create a confidential process for collecting and verifying feedback from users for security, usability, and interoperability. Feedback would also be received from vendors on common practices of users that could inhibit interoperability. Vendors would submit this feedback, and every two years the vendors would also be responsible to report their performance.  Any vendor who did not report their performance would incur fines for failure to do so. The fines collected from this type of vendor violation would be used to create a revolving user compensation fund to help offset costs of purchasing new certified HIT systems for users whose system had been decertified.

While the TRUST IT Act is designed to streamline the functionality and use of HIT systems, it seems unlikely the bill will be passed. Early numbers show a mere 8 percent chance of the Act getting through the Senate Health, Education, Labor, and Pensions Committee, and only a 4 percent chance of being enacted. Even though similar rating systems exist for different areas of health care, there might not be a substantial need for the TRUST IT Act’s system at this time. Moreover, the TRUST IT Act’s rating system and proposed criteria may not be developed enough to effectively create change to lacking HIT systems. A final concern is the rapid rate of development and change in technology. As the systems are developed, remodeled, and enhanced, this could leave vendors receiving a one-star rating or decertification, even though the technology is relatively young.

Lana Smith is currently pursuing her law degree and health law certificate from DePaul University College of Law in Chicago, Illinois.  She completed her undergraduate degree from the University of Michigan in International Studies – Comparative Cultures & Identities.  Lana is the Co-Director of Outreach & Recruitment of the Jaharis Health Law Institute Student Board, a staff writer for the Institute’s online publication, the E-Pulse, and is an active Health Law Fellow. 

The Sunshine Act and Data Mining

By Joseph Gregorio, DePaul University College of Law-

On September 30, 2014, CMS released the data collected under the Physician Payment Sunshine Act (Sunshine Act), as mandated by the Patient Protection and Affordable Care Act (ACA), through its online Open Payments system. Any member of the public can now access and view reported transfers of value from manufacturers and group purchasing organizations to physicians and teaching hospitals involved with Federal Health Care Programs (FHCPs), such as Medicare and Medicaid. The Sunshine Act was intended to give transparency to the financial relationships between doctors and manufacturers. An expected consequence of enacting the Sunshine Act is the increase of civil and criminal actions brought under the False Claims Act (FCA) and other health care fraud statutes.

Data Mining to Detect Fraud

Data mining is particularly applicable in the health care industry due to the massive amount of electronic data it generates from protected health information, drug and device manufacturers, and from private insurance and FHCPs. Before data mining gained popularity in detecting health care fraud, it was utilized for more benevolent applications in healthcare, and still is today. Hospitals use data mining to increase administrative efficiency and physicians use it to aid decision-making. Pharmaceutical companies use data mining to monitor the efficacy of new drugs and detect adverse drug-drug interactions. Similarly, the Centers for Disease Control (CDC) and other health care programs use it to track the spread of diseases and viruses and monitor general health and wellness.

Currently, HHS/OIG and DOJ now utilize data analysis and mining techniques to detect and prosecute health care fraud. The DOJ and HHS cooperate under their joint Health Care Fraud and Abuse Control Program (HCFAC) by sharing known patterns of fraud and collections of raw data. HCFAC uses suspected patterns of fraud to guide further investigations, and as evidence in prosecutions and leveraging settlements. The agencies can detect “outlier” physicians or hospitals that bill for a suspiciously high number of certain drugs, devices, or services, well above national averages. Such outliers indicate potential fraud, such as overbilling, up-coding, or billing for services not rendered.

HCFAC Over-reliance on Data Mining

With the help of data mining, the government has been increasingly successful in prosecuting fraud in FHCPs. HFAC announced record recoveries in 2013 of $2.6 billion from settlements and judgments, equating to roughly $8 for every $1 spent on prosecutions. HCFAC has attributed some of this success to its cooperative data mining, and has stated that it will continue to use it to detect and prosecute fraud. Despite this success, some have criticized the government’s overzealous use of data mining in bringing actions under the FCA, and leveraging settlements. Despite data mining’s remarkable ability to detect patterns of fraud in massive and incomprehensible amounts of information, there are several limitations.

These limitations are particularly relevant to health care fraud due to the serious penalties violations can carry. Data pools, collected by data mining, are limited by the inherent nature of errors. This is not a new issue for health care data.  Even CMS had problems with inaccurate Sunshine Act data before the Open Payments system was launched. Another issue is that suspicious or anomalous trends may be the result of naturally occurring random fluctuations or patterns in the data. Furthermore, because a variety of patterns and trends can indicate fraud, over-analysis of any data set can generate certain patterns or suspicious trends that may be false positives of fraud. These erroneous patterns could lead to unnecessary investigations into the suspected physician or company, which could uncover actual violations.

These limitations lead to criticisms of HCFAC’s over-reliance on data mining.   Critics allege data mining has gone from one of HFAC’s fraud detection tools, to becoming its primary tool for detecting fraud, bringing claims, and leveraging settlements. Actions based on fraud indicating patterns can be troubling due to the complexities of health care fraud and abuse laws, and the difficulty in defending such a claim.

It is indeterminable how many actions come from data mining alone, but qui tam relators mining data released by the government may also be a large contributor to false claim actions. There are also concerns that the HCFAC’s expanded interest in prosecuting more subjective violations, such as substandard provisions of care, will soon be led by data mining.

New Data, New Concerns

Qui tam relators and their attorneys were given a windfall when CMS released the Medicare Provider Utilization and Payment Data dataset April 9, 2014, which contained the billing information for Medicare procedures and services. Many feared the release would generate a flood of qui tam suits. It is too early to determine the impact on FCA actions, but there were certainly parties analyzing the data. On September 30, 2014, CMS launched its Open Payments system under the Sunshine Act covering payments between August and December 2013. This release has generated similar concerns of data mining.

The Sunshine Act requires device and drug manufacturers, as well as group purchasing organizations, to report any payments or transfers of value made to physicians and teaching hospitals. Mining this kind of data could uncover Anti-Kickback Statute violations, which prohibits parties involved in FHCP’s from making offers, payments, solicitations, or receiving anything of value in return for referrals, or other reimbursable services under FHCPs. Manufacturers must also report any financial ownership interests physicians hold in the company, which could lead to Stark Law violations, or prohibited self-referrals. Reports to CMS must also include the name of the drug or device that forms the basis of the payments. Payments to physicians specializing in areas outside the drug’s general application could raise suspicions of off-label marketing, in which drug or device manufacturers promote uses unapproved by the FDA for marketing, or by CMS for FHCP coverage.

The FCA, however, provides a safeguard for public disclosures that prevents qui tam relators from bringing claims based upon information publicly disclosed in hearings, government investigations and reports, or news media. 31 U.S.C. § 3730(e)(4)(A) (2012). Actions may still be brought by the Attorney General, or by the relator if they are an “original source” of the information by having “direct and independent knowledge” of the violation. § 3730(e)(4)(B).  It is unclear whether deriving previously “hidden” information by mining publicly released CMS data constitutes publicly disclosed information. The ACA may have loosened the public disclosure bar by giving courts discretion in claims “opposed by the government.” § 3730(e)(4)(A).

The Sunshine Act was intended to provide greater transparency to the health care system by disclosing financial conflicts of interest between providers and manufacturers. Nevertheless, there are many negative consequences to consider. The potential wave of FCA litigation from data mining could significantly drain the financial resources of providers. While this will lead to more recoveries by HCFAC, manufacturers may stop providing payments for research or training in order to avoid onerous reporting requirements and potential litigation. Physicians may also refuse these payments to avoid being put in the database. Litigation may also increase the earliest feared consequence of the Sunshine Act, the undermining of patient’s trust in doctors.

Maximizing the utility of the Sunshine Act will require balancing the desired transparency of manufacture-provider financial relationships with the need to preserve trust within the physician-patient relationship. This will require physicians to review any information reported on them, and adequate administrative procedures to ensure data is collected accurately and any errors are corrected promptly. Not only could inaccurate data leave physicians vulnerable to FCA violations, it could undermine their patients’ trust in the care they provide. Even accurate reporting under the Sunshine Act could weaken one of the oldest relationships in the United States health care industry, that between manufacturers and physicians.

Joseph Gregorio is a student at DePaul University College of Law and is expected to graduate in May of 2016. Previously he studied psychology at Western Illinois University. He is a staffer for the DePaul Law Review and a contributor to the DePaul Health Law Institute’s E-Pulse blog.

Big Sugar Tries Its ‘Sweet-talk’ on the FDA

By Joseph Gregorio, DePaul University College of Law-

On March 3, 2014, the FDA announced proposed changes to its nutrition facts panel (“NFP”). Of the several proposed modifications, the addition of an “added sugars” label may be the most controversial. The proposed “added sugars” label would be indented below the already standard “sugar” section, a subsection of the “carbohydrates” information. The FDA accepted comments on the proposed rule until June 2, and comments regarding information collection issues until August 2. There were several parties who provided comments, strongly opposing the “added sugars” label.

Although there is nothing inherently bad about sugar, over-consumption is a major issue in the United States. Many foods naturally contain sugar as part of their total package of nutrients. Many foods with added sugars often supply calories, but few or no essential nutrients or dietary fiber. Despite the disparity in the nutrition content that typically accompanies natural or added sugars, the body cannot differentiate between the two, and over-consumption of either can lead to dental problems, obesity, or other health issues.

The United States Department of Agriculture’s “Dietary Guidelines for Americans, 2010,” report that the majority of the sugar in the average American diet is added to foods “during processing, preparation, or at the table,” constituting around 16% of calories in the American diet. Sugars are usually added to make foods more palatable or to modify the foods’ functional attributes, such as preservation, viscosity, texture, body, and browning capacity. Most added sugars come from soda, energy, and sports drinks, grain-based deserts, sugar-sweetened fruit and juice drinks, dairy-based desserts, and candy. Assuming that added sugars are no more dangerous than natural sugars, they still represent “empty calories” in the American diet by displacing the consumption of nutrient-rich foods un-diluted by added sugars, solid fats, or refined grains. The USDA’s Guidelines recommend replacing foods high in added sugars with nutrient-rich foods to lower one’s caloric intake without compromising their nutrient intake.

Industry Opposition

The FDA believes that the proposed “added sugar” label will enable consumers to make dietary decisions in accordance with the USDA’s recommendation to replace foods high in added sugars with nutrient-rich foods. This label change, however, will only be successful if consumers actually: (1) read the NFP, (2) can comprehend the information displayed, and (3) will base at least some of their dietary decisions on the NFP information.

In June, Andy Briscoe, President and CEO of The Sugar Association, Inc. (“TSA”), gave public comments to the FDA recommending that they withdraw the proposed label. TSA is an organization of sugar companies, producers, and interest groups whose mission is to “promote the consumption of sugar through sound scientific principles while maintaining an understanding of the benefits that sugar contributes to the quality of wholesome foods and beverages.” TSA is not alone, six other organizations of food manufacturers, including the American Beverage Association, the American Baking Association, the American Frozen Foods Institute, and the Corn Refiners Association are opponents to the “added sugars” label.

Briscoe and the group of assorted food organizations are clearly concerned that the label could unnecessarily harm them and sugar industry as a whole. They argued that in addition to the new label misleading consumers, there was inadequate scientific evidence to support this change. Briscoe contended that the changes were based solely upon the USDA’s findings, which did not determine that added sugars displaced nutrient rich-foods. He also argued that requiring companies to keep this data would be a heavy financial burden.

The FDA conceded the lack of evidence regarding consumer response and comprehension when it first announced the proposed changes, but has since commenced research on this issue. In addition, the International Food Information Council (“IFIC”) submitted the results of its own study of consumer impact to the FDA. IFIC found that consumers were confused about what added sugars were, and the relationship between added sugars and calories. IFIC also found that the label led some consumers to think that the added sugars were separate and in addition to the “total sugars” listed above.

Briscoe also challenged the nutritional basis of the “added sugars” label by claiming that “no authoritative science body,” such as the Institute of Medicine (“IOM”), had found a need to set upper limits on added sugar intake. Nevertheless, the average American consumes twice the daily amount of sugar recommended by the IOM and the obesity epidemic is rather unique to the United States. Although it is widely accepted that too much sugar can contribute to obesity and dental problems, it seems that there are conflicting opinions regarding the negative health effects of “added sugars” upon one’s diet. The FDA also received comments from groups supporting the change, such as the Center for Science and Democracy at the Union of Concerned Scientists, which highlighted the dangers of extreme sugar consumption.

The intense opposition from the sugar industry may stem from fears of consequences similar to those after the FDA required the labeling of trans-fatty acids in foods. The “added sugars” label may have been a compromise by the FDA from requests to set limits on the amount of sugars that can be added to foods. Although there is no scientific agreement concerning the negative health consequences of added sugars, the sugar industry has been repeatedly accused of controlling and skewing the results of research studies. There are also ethical barriers in conducting highly controlled studies that require participants to consume products that are potentially detrimental to their health.

Future Implications

Although the comment period ended August 1, the controversy regarding the “added sugar” label is far from settled and industry opponents have made it clear that they will not back down. It remains unclear whether consumers will be confused by the new “added sugars” label. If a consumer is concerned enough to read the NFP while making their dietary decisions, he or she will likely know how to interpret the NFP. Likewise, non-nutritionally-conscious consumers are less likely to consult the NFP to begin with, and may not be deterred by the existence of added sugars in their food.

If the FDA implements the “added sugars” section, it will almost certainly impact the sugar industry. The FDA expects compliance within two years of announcing its final rule, leaving plenty of time for parties to appeal the rules. Some say that the requirement may violate the first amendment by compelling speech. But the rights of the food industry must be weighed against the consumer’s right to know what is in their food.

Joseph Gregorio is a student at DePaul University College of Law and is expected to graduate in May of 2016. Previously he studied psychology at Western Illinois University. He is a staffer for the DePaul Law Review and a contributor to the DePaul Health Law Institute’s E-Pulse blog.