Kusserow on Compliance: Addressing the risk of whistleblowers

The DOJ recently reported the fact that 93 percent of its successful civil false claims court actions arose by qui tam relators (whistleblowers) bringing the case to the DOJ’s attention. As such, it is important to understand better how to address the risk of having that happen to your organization. Key factors to be considered are the motivation of most whistleblowers and how to channel them to report internally, rather than going to outside authorities.

Tom Herrmann, JD, while at the OIG, was responsible for coordinating whistleblower cases with the DOJ.  He noted that the common practice for the DOJ, upon receiving a complaint from a qui tam relator, is to have the OIG conduct the preliminary investigation on their behalf. Inasmuch as these False Claims Act (FCA) cases were civil in nature, it was not the usual course to involve the FBI.  As such, he had the opportunity to review the initial complaints and often times meet or discuss with the relator about what caused them to report the problem. He found that there were many reasons given by individuals for becoming qui tam relators. e HhOnly a few qui tam relators indicated their motivation was for the potential reward coming from the case. The most common statement was that because they were unable to obtain a credible, internal reporting channel, they decided to report externally. Credence was given to this as a major motivating factor by the fact that in many cases they did find evidence of many Whistleblowers having reported the problem internally first, and moved to report externally when inadequate attention was give to their complaints. There were also whistleblowers who stated they were motivated by ethical considerations and felt they could not justify allowing a bad situation to continue without taking some sort of action.

Steve Forman, CPA, has over 30 years experience with the OIG, as a compliance officer, health care consultant. He found many situations where an employee’s reporting a potential violation of law, regulation, or organization Code or policy was the subject of adverse action or reprisal.  In some cases, the whistleblower moved to a legal course of action to protect themselves.  Unfortunately, it is not uncommon to find members of management engaging in retaliatory actions against employees trying to expose wrongdoing. In some cases, these same people turned to attorneys who led them to become qui tam relators. A key factor in managing the risk of having a whistleblower is to understand what motivates them to go externally with and report a problem; and try to channel them to resolve the issue internally.  It is also important to remember that making the decision to report a problem to the compliance officer is viewed as taking considerable risk with regards to their job, reputation with their fellow employees, and their future financial security.  Reassurance of protection against retaliation is critical. However, for some, that may be not enough.  This means the option to report anonymously is also important.

Carrie Kusserow has overseen many IRO and Compliance Expert engagements with clients who signed Corporate Integrity Agreements with the OIG. She noted that in several cases, while carrying out the duties of the engagement, her consultants identified the original whistleblower and found in several cases they had tried to raise the issues internally, before deciding to go outside the organization and become a qui tam relator. In other cases, the whistleblower reported not trusting the hotline or compliance office to protect them against retaliation. The lesson to be learned about avoiding external whistleblowing is to ensure that internal compliance channels operate credibly and properly. This also means taking prompt action to follow on any complaints or allegations of wrongdoing. It also means that strong policies and procedures to protect individuals reporting potential wrongdoing must be implemented and followed. This includes permitting employees to be able to report anonymously or if they do identify themselves that they will be detected in their confidentiality law.

Tips for Compliance Officers

  1. Ensure reporting suspected wrongdoing is stressed in the code, policies and training
  2. Review and update hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.)
  3. Ensure a 24/7 hotline operated externally, as internal ones are less trusted and unavailable at all times
  4. Look to expand and increase compliance communication channels beyond just the hotline
  5. Promote the reporting of wrongdoing (newsletter, intranet, training programs, etc.)
  6. Find ways to provide feedback so that employees know reporting is taken seriously
  7. Consider engaging experts to evaluate compliance communication channels effectiveness
  8. Allegations of potential violations of law or regulations must be promptly investigated
  9. Ensure that individuals are trained and competent to conduct prompt investigations
  10. Disclose promptly all cases where investigation indicates potential violations
  11. Review and update investigation and resolution of allegations polices/procedures
  12. Take appropriate disciplinary action against identified wrongdoers
  13. Consider having on call experts in conducting investigations to assist if needed
  14. Understand CMS and OIG self disclosure protocols that may avoid FCA investigation
  15. Ensue investigations finding of potential violations of law are promptly disclosed to the DOJ


Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.

U.S. intervenes in UnitedHealth billing scheme suit

The federal government intervened in a qui tam lawsuit alleging that UnitedHealth Group entities (UnitedHealth) and Medicare Advantage organizations (MAOs) with which it contracted, including HealthCare Partners, deliberately concealed from the Medicare Part C program that they had submitted bills not supported by medical documentation, resulting in inflated risk adjustment payments that were never repaid to CMS. The U.S.’s intervention in this False Claims Act (FCA) (31 U.S.C. § 3729, et seq.), U.S. ex rel. Swoben v. Secure Horizons, is emblematic of its “commitment to ensure the integrity of the Medicare Part C program.” It is expected to file a complaint in another risk-adjustment-related FCA case, U.S. ex rel. Poehling v. UnitedHealth Group. Inc., no later than May 16, 2017.

MAOs must submit diagnosis codes for each enrollee for a particular calendar year to CMS (42 U.S.C. § 1395w-23(a)(3)). CMS uses the codes to create Hierarchical Condition Category (HCC) risk scores to adjust the capitated payment rates it pays to each MAO, increasing payment rates to MAOs with patient populations with more severe illnesses and decreasing payments to MAOs with patient populations with less severe illnesses. MAOs typically submit data to CMS and then perform a retrospective review of medical charts to ensure that the charts support the claims submitted. If an MAO discovers a diagnosis code for a patient that was not already submitted, it may do so at that time. However, MAOs are also required to withdraw previously submitted codes that they determine were not supported by medical documentation.

A former employee of Senior Care Action Network (SCAN) Health Plan and a consultant to the risk adjustment industry filed the qui tam suit and the government filed an intervening complaint, alleging that UnitedHealth, HealthCare Partners, and other defendants knowingly concealed the fact that previously submitted codes were not supported by medical documentation, resulting in higher risk adjustment payments. Specifically, the defendants hired coders to perform retrospective reviews, but knowingly concealed information about previously submitted codes so that the coders would not be able to identify codes that were not supported by medical documentation. In addition, certain employees created spreadsheets that did not permit the entry of previously submitted codes that should be withdrawn, as required by CMS.

8 years of illegal kickbacks costs Hospice Plus $12M

A group of hospices owned by Curo Health Services and operating under the Hospice Plus brand agreed to pay over $12 million to resolve allegations that they paid kickbacks in exchange for patient referrals in violation of the False Claims Act (31 U.S.C. §3729). The scheme came to light after several whistleblowers filed qui tam lawsuits on behalf of the United States, consolidated as U.S. ex rel. Capshaw v. White. The United States had previously partially intervened in the lawsuit against the corporate defendants for purpose of settlement; the suit remains pending against two former Curo executives, and the United States requested permission to intervene in the remainder.

Kickbacks were allegedly paid to (1) American Physician Housecalls, a physician house call company in the form of sham loans, free equity interest in another entity, stock dividends, and free rental space; and (2) to medical providers, including doctors and nurses, in the form of cash, gift cards, and other valuable items. According to the consolidated whistleblower complaints, the house call company allegedly received kickbacks from 2007 through 2012, while providers allegedly received payments from 2007 through 2014.

The involved hospices primarily operate in and around Dallas, Texas, and were first known as Hospice Plus, Goodwin Hospice, and Phoenix Hospice. The three companies were purchased by Curo Health Services in 2010 and consolidated under the Hospice Plus brand.

Kusserow on Compliance: Free Webinar! Best Practices for Conducting Internal Investigations

Channeling employees who wish to report allegations or complaints internally is critical to any effective compliance program, as well as to avoid the liabilities and other consequences to having them report externally. The HHS Office of Inspector General (OIG) and Department of Justice (DOJ), as well as other enforcement agencies, continue encouraging “whistleblowers” by offering great bounties for successes from their information. In 2016, recoveries totaled $3 billion with whistleblowers receiving as their share—$519 million. In addition, nearly a quarter-million whistleblowers contacted the OIG directly or through the agency’s hotline during the same period. Wolters Kluwer is hosting a complimentary webinar on January 26, 2017 from 1:00-2:30 PM EST, entitled, “Best Practices for Conducting Internal Investigations.” The presenters are Richard P. Kusserow, former FBI executive and HHS Inspector General, along with Kashish Chopra, JD. Both have extensive experience with conducting internal investigations. Today’s blog focuses on the predication of internal investigations that is also addressed in the webinar in more detail. There are many ways be called upon to respond to a complaint or concern raised by an employee, including compliance officers, human resource management (HRM), legal counsel, privacy/security officers, and risk managers, among others; however, only a few complaints would rise to the level of requiring an investigation.

An investigation is a search to uncover facts and seek the truth of an issue (who, what, when, where, why, how) and involves a detailed inquiry or systematic examination to gather facts and information to solve a problem, or resolve an issue. Other activities can meet this definition, including conducting audits, evaluations, and inquiries. All these other activities involve a detailed examination of facts. The fact is that vast majority of hotline complaints can be resolved fairly quickly—within hours or a day or two—without a formal investigation. Many complaints, allegations, and concerns are routine in nature and may be resolved through normal management procedures or through HRM. In determining how to respond to complaints and allegations properly, it should be a standard practice to, in effect, “triage” all the facts known, similar to what medical staff does when a patient arrives at an emergency room at the hospital. This involves an analysis of the complaint and any allegations to determine who is best equipped to resolve the issues. It may be the multiple functions may need to be involved. From this initial analysis, an investigative plan can be developed.

However, when it is determined that a matter requires an investigation, the key is how to do this properly, preferably using properly trained individuals to conduct the investigation. Anyone called to conduct an investigation must understand how to plan an investigation, conduct proper interviews, organize evidence, prepare written reports, and document management. Is unrealistic to have professional investigators in compliance offices, but certain basic principles should be taught to anyone taking on the role of an investigator, whether they come from the compliance office, HRM, legal counsel, privacy office, etc. Anyone who is likely to conduct an internal investigation should have as a minimum a basic understanding of best practices and methods. The upcoming webinar is designed to provide some of the basic principles in conducting a proper investigation in a timely manner.

Click here to register.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.