Applying lessons learned when conducting FCA investigations after Escobar

The Supreme Court opinion in Universal Health Services v. U.S. ex rel Escobar established that the implied certification theory may be a basis for False Claims Act (FCA) (31 U.S.C. §3729) liability if allegations satisfy both the FCA’s materiality and scienter (knowledge) requirements, Joan W. Feldman, partner at Shipman & Goodwin LLP explained during a Health Care Compliance Association webinar on June 26, 2017. She noted that the focus in FCA cases going forward will be whether the government would have refused to pay the allegedly false claim if it had known of the information allegedly omitted or misrepresented.

The Supreme Court’s opinion and remand

The Supreme Court granted certiorari in Escobar to answer whether the implied certification theory was viable and if it could only apply when a provider violated a legal requirement that the government explicitly designated as a condition of payment. Although the Court determined that implied certification is a valid theory, it stated that the FCA should not be considered a vehicle for “punishing garden-variety breaches of contract or regulatory violations…” The Court further concluded that “a misrepresentation about legal compliance does not become material simply because the Government labeled the legal requirement as a ‘condition of payment,’ but whether the defendant knowingly violated a requirement the defendant knows is material to the Government’s payment decision.” The Court remanded the case to the First Circuit (see Implied certification liability confirmed, limited to material compliance violations, Health Law Daily, June 16, 2016).

Feldman pointed out that upon remand, the First Circuit identified three factors that had to be considered when evaluating materiality and knowledge: (1) was compliance a condition of payment, (2) was compliance with a specific regulation the essence of the agreement; and (3) did the government pay the claim even though it was aware of the issue?

The First Circuit concluded, if Medicaid’s decision to reimburse Universal Health Service would have been unaffected by knowledge of the regulatory violations, the violations would not be material, and the implied false certification lawsuit could not proceed. In this case, however, the complaint stated that regulatory compliance was a condition of payment, licensing and supervision requirements were central to the regulation of mental health treatment facilities generally, and the factual allegations were limited to reimbursement claims filed during treatment (see Implied false certification lawsuit under the FCA stated a valid cause of action, Health Law Daily, November 29, 2016).

Lessons from Escobar

The Escobar case illustrates that the FCA is nuanced and complex, Feldman said. She noted that courts will closely scrutinize and evaluate materiality on a fact specific, case-by-case basis to determine whether the alleged violations are sufficient to constitute a false claim. Although she said it is not clear how the Supreme Court’s opinion will play out in the courts, she stressed the importance of claimants clearly stating their materiality and knowledge claims under the implied certification theory. She also emphasized the importance of reacting appropriately and promptly to FCA complaints or concerns.

Investigations

Feldman provided the details of several steps in conducting an FCA investigation, including where to start, maintaining attorney client-privilege, working with the government, planning and conducting an investigation, and mitigating the risk of a FCA qui tam action. She emphasized the importance of maintaining confidentiality throughout the investigation. In addition, she

  • Where to start. When confronted with a false claim allegation, providers must respond promptly. The date and time that the allegation was made must be documented and the allegation must be communicated to leadership. Legal counsel experienced with false claims should be engaged and the Medicare administrative contractor or Medicaid agency must be notified. The compliance officer must assign responsibility for the investigation but must limit the number of individuals in the sphere of knowledge and communication. Accountability and follow-up are essential as well as the preservation of documents.
  • Maintaining attorney client privilege. Consult with counsel to protect the attorney-client privilege. Ensure document production is done with counsel who creates a privilege log for documents that will not be turned over to the government. Interview witnesses separately to protect communications.
  • Working with the government. When working with the government compliance officers must be cooperative, responsive, and timely; yet maintain an advocate position for the organization. They must understand the issue, facts, and relevant law as well as the settlement if there is one. Feldman encouraged compliance officers not to be intimated by the government or assume its position is correct. She explained that the government only knows the case from the qui tam relator. She told compliance officers to “push back” and advocate the organization’s position with facts and laws when presented with the government’s case.
  • Planning the investigation. An investigative plan must be developed, a timeline created, and records of the investigation must be maintained, including the process, interview notes, and witness log. Witnesses must be identified and interviews must be scheduled.
  • Conducting the investigation. The attorney should conduct the investigation and may have deputized staff to assist. When a complaint of subpoena is received, litigation hold must be communicated throughout the organization. Documents are reviewed and interviews conducted. When appropriate, engage auditors or experts. Leadership should be kept informed throughout the process.

Additional tips

Other advice Feldman provided included circling back to complainant, avoiding whistleblower retaliation, and being mindful of the collateral effect of an investigation on employees. In addition, she emphasized that concerns raised by an individual must be taken seriously. Compliance officers should give them full attention and document the concern and how it was addressed. If the individual is not satisfied with the findings, the compliance officer should document why no further action will be taken and notify counsel. If attention is not given when a concern is raised, the individual may pursue an action.

Physician practices get tips for effective communication, training, vetting

Compliance officers often encounter problems ensuring physician compliance within physician practices and face difficulties when communicating with physician practice groups. When addressing physician practice issues, Betty Baber-Kinsey, Physician Practice Compliance Officer, Tenet Healthcare, considers such things as how to get in front of potential issues before they occur, how physicians are employed, how to vet new products or new procedures, and coding and prescribing issues. Baber-Kinsey addressed these various issues at the 2017 Health Care Compliance Association Compliance Institute on March 26, 2017.

Effective communication

A compliance officer dealing with multiple physician practices is likely to face difficulties communicating across in part due to the makeup, size, and locations of the practices, Baber-Kinsey said. One decision that has to be made is whether the message is delivered in person or remotely. Baber-Kinsey suggested four methods of communication across practices. Messages can cascade down from the top executives or the board of directors to management and then staff, can be delivered through videos, or through web-ex sessions. Baber-Kinsey also recommended monthly recurring calls and bi-weekly operations calls. She noted that monthly practice managers meetings are recorded and minutes are taken.

Training

Baber-Kinsey stressed that training was all about the buy-in. She approaches training in three ways: live training, computer courses with a test, and video training. Training topics include conflicts of interest, vendor relationships, the Yates Memo, and the Physician Payments Sunshine Act (Section 6002 of the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) codified at Social Security Act Sec.1128G). Baber-Kinsey pointed out that video training works for new hires, for staff annual refresher training, and in specialized or targeted sessions. For annual refresher training she suggested incorporating multiple topics to reach all levels of employees within the practice, including physicians, clinical staff, billers, and coders. She suggested including videos from other sources to let the staff being trained know the issue is universal and does not apply only to them. It is important to include humor, she added.

Vetting new physicians

Baber-Kinsey uses a physician practices onboarding checklist to ensure that physicians are properly vetted. The checklist enables her to “know what they are getting before the [physicians] walk through the door.” The checklist provides who, what, and when or, as she put it, the “What, Documented, Billed.” The vetting process takes about 18 weeks. The first four weeks are involve business development and due diligence including credentialing and information technology (IT) assessments. Weeks 5 – 8 involve credentialing, human resources (HR) and IT operations. Weeks 9 – 12 involve operations, HR, and start of marketing. Weeks 13 – 16 involves operations and completion of credentialing. Baber-Kinsey emphasized that onboarding process is not finished until a billing clearance audit is completed and within goal, which means that the physician’s billing error rate is 5 percent or less.

Alternative lines of business

The latest trend for physicians is providing an alternative line of business, according to Baber-Kinsey.An alternative line of business means any items and/or products that may not fit into traditional lines of service for the primary or specialty care practice,” according to Baber-Kinsey. Examples of alternative lines of business include supplements, cosmetic procedures and services, and oncology infusion. Baber-Kinsey recommends getting in front of the alternative line of business before a physician is hired. Tenet Healthcare has a policy and procedure that addresses new and alternative lines of business.

CIAs contain lessons for compliance professionals & board members

The typical obligations contained in a corporate integrity agreement (CIA) overseen by the HHS Office of Inspector General (OIG) can be implemented by compliance programs to drive accountability and improve effectiveness. In a webinar titled Compliance Accountability: Lessons Learned from Implementing Corporate Integrity Agreements, Tom Herrmann, JD, and Carrie Kusserow, MA, CHC, CHPC, CCEP, both of Strategic Management Services, LLC, provided an overview of the standard obligations in a CIA, including recent changes, and provided tips to listeners on how to effective oversight and organizational controls for health care organizations.

CIAs are typically included as part of a “global settlement” of criminal, civil, and administrative charges against a health care provider or entity. The CIA, which usually lasts for five years, allows the provider to remain a participant in federal health care programs in exchange for compliance responsibilities. These responsibilities include oversight by the compliance officer, executive-level compliance committee, and board, but also written guidance, mandatory trainings, screening for excluded providers, and regular reports to the OIG. Recently, the OIG has made some changes to CIA obligations, including requirements for management including certifications, minutes from executive-level compliance committee meetings, and obligations for the board.

To avoid entering into a CIA, or to survive one that has already been implemented, organizations should have a compliance officer who is a member of senior management. The compliance officer should report to the CEO, and is neither responsible for serving as legal counsel, nor subordinate to general counsel or the CFO. The compliance officer should chair the executive-level compliance committee, which should include senior management from relevant departments, and meet at least quarterly. Certain senior executives, including the CEO, COO, CFO, and CMO have obligations to monitor and oversee activities within their areas of authority. Lastly, the board of directors, made up of independent, non-executive board members, should be specifically trained on corporate governance and its responsibilities for compliance program oversight.

All compliance programs should have updated written policies and procedures, a disclosure mechanism like a hotline, provide annual training, and should include compliance as an element of performance review for all employees.

Kusserow on Compliance: DOJ issues guidelines on corporate compliance programs

In February 2017, the Department of Justice (DOJ) issued its“Evaluation of Corporate Compliance Programs,” which provides an explanation as to how compliance programs are evaluated by prosecutors. This 119-question resource offers great insights for compliance officers working to build and enhance their compliance programs. One thing to remember about these guidelines is that they relate to all industry sectors.   The Principles of Federal Prosecution of Business Organizations in the United States Attorney’s Manual describes specific factors that prosecutors should consider in conducting an investigation of a corporate entity, determining whether to bring charges, and negotiating plea or other agreements. These factors, commonly known as the Filip Factors, include “the existence and effectiveness of the corporation’s pre-existing compliance program” and the corporation’s remedial efforts “to implement an effective corporate compliance program or to improve an existing one.” The guidance was formulated to evaluate compliance programs after a violation has been discovered and examine the existing misconduct as the benchmark against which the compliance program will be evaluated. The Compliance Program Guidance is divided into 11 sections. Each category includes a list of questions the DOJ may consider when evaluating a company’s compliance program when it confronts corporate misconduct. The sections are:

  1. Analysis and Remediation of Underlying Conduct;
  2. Senior and Middle Management;
  3. Autonomy and Resources;
  4. Policies and Procedures;
  5. Risk Assessment;
  6. Training and Communications;
  7. Confidential Reporting and Investigation;
  8. Incentives and Disciplinary Measures;
  9. Continuous Improvement, Periodic Testing and Review;
  10. Third Party Management; and
  11. Mergers & Acquisitions.

The DOJ noted that in developing this document, it used the U.S. Sentencing Commission Guidelines. The document also relates back to a number of other DOJ reports, including the Yates Memorandum that focused on individual accountability in corporate investigations, and not just organizational wrongdoing. Although the compliance guidance documents issued by the HHS Office of Inspector General (OIG) are tailored to the health care sector, the reading of the DOJ evaluation document is relatable to them. All seven elements of an effective compliance program are included in the DOJ guidelines. It is worthwhile for compliance officers of health care entities to read this document and incorporate those areas identified by the DOJ for their own work place. There are plenty of ideas among the 119-questions outlined in their document for use by compliance officers to improve their organizations’ compliance programs.

Tip

The OIG calls for ongoing monitoring of the compliance program to ensure that it is up to date and operating the way it is designed to. In addition, there should be periodic, independent auditing of the program to verify that monitoring is taking place and validate that the results of operation are making the compliance program effective in achieving its goals. The U.S. Sentencing Commission in its standards for compliance and ethics programs also call for organizations to “evaluate periodically the effectiveness of the organization’s compliance and ethics program.” Now the DOJ is calling for the same thing.  As such, those organizations that have not had their compliance program subject to an independent compliance program effectiveness evaluation should consider having it now, incorporating the DOJ guidelines as part of their review.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.