Kusserow on Compliance: Addressing the risk of whistleblowers

The DOJ recently reported the fact that 93 percent of its successful civil false claims court actions arose by qui tam relators (whistleblowers) bringing the case to the DOJ’s attention. As such, it is important to understand better how to address the risk of having that happen to your organization. Key factors to be considered are the motivation of most whistleblowers and how to channel them to report internally, rather than going to outside authorities.

Tom Herrmann, JD, while at the OIG, was responsible for coordinating whistleblower cases with the DOJ.  He noted that the common practice for the DOJ, upon receiving a complaint from a qui tam relator, is to have the OIG conduct the preliminary investigation on their behalf. Inasmuch as these False Claims Act (FCA) cases were civil in nature, it was not the usual course to involve the FBI.  As such, he had the opportunity to review the initial complaints and often times meet or discuss with the relator about what caused them to report the problem. He found that there were many reasons given by individuals for becoming qui tam relators. e HhOnly a few qui tam relators indicated their motivation was for the potential reward coming from the case. The most common statement was that because they were unable to obtain a credible, internal reporting channel, they decided to report externally. Credence was given to this as a major motivating factor by the fact that in many cases they did find evidence of many Whistleblowers having reported the problem internally first, and moved to report externally when inadequate attention was give to their complaints. There were also whistleblowers who stated they were motivated by ethical considerations and felt they could not justify allowing a bad situation to continue without taking some sort of action.

Steve Forman, CPA, has over 30 years experience with the OIG, as a compliance officer, health care consultant. He found many situations where an employee’s reporting a potential violation of law, regulation, or organization Code or policy was the subject of adverse action or reprisal.  In some cases, the whistleblower moved to a legal course of action to protect themselves.  Unfortunately, it is not uncommon to find members of management engaging in retaliatory actions against employees trying to expose wrongdoing. In some cases, these same people turned to attorneys who led them to become qui tam relators. A key factor in managing the risk of having a whistleblower is to understand what motivates them to go externally with and report a problem; and try to channel them to resolve the issue internally.  It is also important to remember that making the decision to report a problem to the compliance officer is viewed as taking considerable risk with regards to their job, reputation with their fellow employees, and their future financial security.  Reassurance of protection against retaliation is critical. However, for some, that may be not enough.  This means the option to report anonymously is also important.

Carrie Kusserow has overseen many IRO and Compliance Expert engagements with clients who signed Corporate Integrity Agreements with the OIG. She noted that in several cases, while carrying out the duties of the engagement, her consultants identified the original whistleblower and found in several cases they had tried to raise the issues internally, before deciding to go outside the organization and become a qui tam relator. In other cases, the whistleblower reported not trusting the hotline or compliance office to protect them against retaliation. The lesson to be learned about avoiding external whistleblowing is to ensure that internal compliance channels operate credibly and properly. This also means taking prompt action to follow on any complaints or allegations of wrongdoing. It also means that strong policies and procedures to protect individuals reporting potential wrongdoing must be implemented and followed. This includes permitting employees to be able to report anonymously or if they do identify themselves that they will be detected in their confidentiality law.

Tips for Compliance Officers

  1. Ensure reporting suspected wrongdoing is stressed in the code, policies and training
  2. Review and update hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.)
  3. Ensure a 24/7 hotline operated externally, as internal ones are less trusted and unavailable at all times
  4. Look to expand and increase compliance communication channels beyond just the hotline
  5. Promote the reporting of wrongdoing (newsletter, intranet, training programs, etc.)
  6. Find ways to provide feedback so that employees know reporting is taken seriously
  7. Consider engaging experts to evaluate compliance communication channels effectiveness
  8. Allegations of potential violations of law or regulations must be promptly investigated
  9. Ensure that individuals are trained and competent to conduct prompt investigations
  10. Disclose promptly all cases where investigation indicates potential violations
  11. Review and update investigation and resolution of allegations polices/procedures
  12. Take appropriate disciplinary action against identified wrongdoers
  13. Consider having on call experts in conducting investigations to assist if needed
  14. Understand CMS and OIG self disclosure protocols that may avoid FCA investigation
  15. Ensue investigations finding of potential violations of law are promptly disclosed to the DOJ

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Employee screening against the Specially Designated Nationals and Blocked Persons list

A frequently asked question by compliance officers for health care organizations is whether they should be screening employees and others with whom they do business against the Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons list (SDN). OFAC is part of the U.S. Department of Treasury that determines whether or not an entity or individual is permitted to do business with the United States. The SDN is “….a list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific.”

Tom Herrmann, JD—who served over 20 years in the HHS Office of Inspector General (OIG) Office of Counsel to the IG and subsequently 6 years as an Appellate Judge for the Medicare Appeals Board—was asked to comment on this issue. He noted that the SDN list was primarily designed for use by financial institutions; they are not permitted to deal with anyone on the list. As a result, OFAC alerts can sometimes show up on credit reports. It is safe to assume that employers, also, would prefer not to hire someone on the SDN list. Those industries most involved in OFAC screening are international businesses, particularly in banking, finance, and insurance. He made special note of the fact that screening against the OFAC SDN List is not required for healthcare providers or managed care and may create more problems than benefits from doing it.

Ashley Felder is a Human Resources Consultant who warns that from an employer’s perspective, a significant problem is that the list consists of a very large number of common Arabic names that can be transliterated into English many different ways that create many false hits. This opens up the possibility of discriminatory practices unless a great deal of care is used in applying the information. In view of the fact that there is not specifically identifiable data that can confirm a match, means that a potential hit cannot be fully resolved without confronting the individual for a detailed briefing of their background. This can be very troublesome and may lead to charges of discrimination, profiling, defamation of character, etc. The result is that OFAC may or may not be a useful supplement to a standard criminal check or screening against state credentialing agencies, the OIG List of Excluded Individuals, and Medicaid sanction lists.

Jillian Bower, Vice President of the Compliance Resource Center that provides sanction-screening tools and services, noted that the overwhelming majority of healthcare related entities “do not” screen against the OFAC SDN. She explained that there are some issues and potential complications in using it for employment screening, as result of the fact that for the most part, the list is name-only with multiple aliases per person, and is a mix of individuals and organizations. Dates of birth are usually missing, or multiple possibilities are listed. Address history, if present, only includes city and country. So OFAC checks are name-only, and making a positive identification can be difficult, if not impossible. As such, the Compliance Resource Center (CRC) does not recommend screening OFAC, unless there are special concerns or reasons for doing so, such as operating outside the United States in areas designated by the Department of Treasury for special concern.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG estimates $4.4B in savings in 2017

The HHS Office of Inspector General (OIG) issued its second Semiannual Report to Congress for 2017 summarizing achievements for the year that included estimated savings of $4.4 billion as result of its work.   It reported over $4 billion in “investigative” receivables for the full year from expected recoveries from criminal actions, civil and administrative settlements, civil judgments, and administrative actions by OIG. In addition, it reported almost $300 million in audit findings. For the year, the OIG brought criminal actions against 881 individuals or organizations, and 826 civil actions, including false claims and unjust-enrichment lawsuits filed in federal district court, civil monetary penalty settlements, and administrative recoveries related to provider self-disclosure matters. The OIG cited some of the major fraud enforcement actions for the year that included the largest national health care fraud takedown in history, involving more than 400 defendants in 41 federal districts and $1.3 billion in false billings to Medicare and Medicaid.

The largest body of work involves investigating matters related to the Medicare and Medicaid programs, such as patient harm; billing for services not rendered, medically unnecessary services, or services more extensive than those actually provided; illegal billing, sale, diversion, and off-label marketing of prescription drugs; and solicitation and receipt of kickbacks, including illegal payments to patients for involvement in fraud schemes and illegal referral arrangements between physicians and medical companies. The OIG also investigates cases involving organized criminal activity, medical identity theft, and fraudulent medical schemes that are established for the sole purpose of stealing Medicare dollars. Those who participate in these schemes may face heavy fines, jail time, and exclusion from participating in Federal health care programs. The OIG highlighted some of the most common criminal fraud scheme case types relating to (1) controlled and non-controlled prescription drugs, (2) home health agencies and personal care services, (3) ambulance transportation, (4) DME, and (5) diagnostic radiology and laboratory testing.

Highlighted major cases include actions taken against 120 opioid-related defendants, including 27 doctors. In addition, the OIG issued 295 exclusion notices related to the use and abuse of controlled substances. Other high profile OIG actions related to fraud allegations noted were against Mylan Inc. that agreed to pay $465 million; and eClinicalWorks, LLC (ECW) for $155 million.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: DOJ reports more than two-thirds of $4B civil fraud recoveries in 2017 from health sector

In an end of the year report, the Department of Justice (DOJ) Civil Division announced that it recovered over $3.7 billion from civil False Claims Act (FCA) cases for the fiscal year. Significantly, nearly two thirds of the total settlements and judgments involved the health care industry, including drug companies, hospitals, pharmacies, laboratories, and physicians. What is really noteworthy is the fact that ninety-three percent of the total came from qui tam relators (whistleblower) cases, whose rewards amounted to almost $400 million. There were 491 new such health care cases filed during the year at a rate of about ten per week. The great majority of civil fraud cases implicated the Anti-Kickback Statute. Also most major settlements with DOJ are referred to the HHS Office of Inspector General (OIG) for Corporate Integrity Agreements.

It is noted that settlements for 2017 were $1 billion less than 2016. This is the eighth consecutive year that the department’s civil health care fraud settlements and judgments have been the leading area of settlements and judgments, exceeding $2 billion. The recoveries reported reflect only federal losses and they were instrumental in recovering additional millions of dollars for state Medicaid programs. The largest recoveries involving the health care industry this past year came from Shire Pharmaceuticals LLC which paid $350 million; drug manufacturer Mylan Inc. which paid approximately $465 million; Life Care Centers of America Inc. and its owner which agreed to pay $145 million; and eClinicalWorks (ECW) and certain of its employees which paid $155 million.

In second place in terms of industry recoveries was $543 million from housing and mortgage fraud cases, which was only about twenty percent of the level for the health care sector. In third place was the Defense arena which had cases that resulted in $220 million in settlements and recoveries, which is only about one tenth the level of the health care sector.

The “Yates Memo” emphasized DOJ’s intent to focus on “individual accountability for corporate wrongdoing” through civil and criminal enforcement actions. This emphasis on singling out individual recoveries was in evidence this last year with DOJ recovering $60 million directly from individuals, without joint and several liability with any corporate entity. The DOJ identified several individual owners and executives of private corporations agreed to be held jointly and severally liable for settlement payments.

The DOJ obtained more than $3.7 billion in settlements and judgments from civil cases involving fraud and false claims against the government in the fiscal year ending September 2017.

Recoveries since 1986, when Congress substantially strengthened the FCA, now total more than $56 billion.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.