Self-Disclosure of Provider Misconduct:
Assessment of CIA Modifications
Overview
As part of an ongoing self-assessment of our health care compliance initiatives,
the Office of Inspector General (OIG) conducted an informal survey of the results
of corporate integrity agreement (CIA) negotiations since the issuance of the
"Open Letter to Health
Care Providers" in March 2000. The purpose of the review was to determine
the extent to which health care providers' existing compliance efforts and self-disclosure
of misconduct influenced the decision to require a CIA or modify specific terms.
An informal review of the results of recent CIA negotiations confirms that significant
and appropriate modifications are being made to CIAs with health care providers
that have established compliance programs and make disclosures of misconduct
to the Government.
Background
As part of the effort to reduce fraud and abuse in the Federal health care
programs, the OIG and the Department of Justice use the False Claims Act (31
U.S.C. 3729-3733) and other authorities to sanction health care providers that
have knowingly submitted false claims to Medicare. In addition to the imposition
of monetary penalties, the OIG is authorized to exclude providers that violate
the False Claims Act from participation in Medicare and other Federal health
care programs. Absent a criminal conviction that triggers mandatory exclusion,
the OIG may elect not to exclude a health care provider that has engaged in
abusive conduct. Where the best interests of the programs are served by allowing
continued participation by the provider, the OIG generally requires that the
provider adopt specific measures to better ensure its integrity. These measures
are set forth in a corporate, institutional or individual integrity agreement
(collectively referred to as a CIA).
Consistent with the United States Sentencing Commission's "Federal Sentencing
Guidelines Manual," the CIA contains the seven core elements of an effective
compliance program. In addition, the OIG generally requires the submission of
periodic reports concerning the provider's compliance efforts and reserves the
right to impose sanctions for a material breach of the CIA. While CIAs almost
always include these basic elements, the specific terms of a provider's CIA
are subject to extensive negotiations. Among the relevant factors considered
in crafting a specific CIA are the severity and extent of the underlying misconduct,
the provider's existing compliance infrastructure and the resources available
for such efforts. Perhaps the best measure of a provider's existing compliance
efforts is the ability to identify and respond to potential misconduct. As Inspector
General June Gibbs Brown observed in her March 9, 2000 "Open
Letter to Health Care Providers":
. . . the best evidence that a provider's compliance program is operating
effectively occurs when the provider, through its compliance program, identifies
problematic conduct, takes appropriate steps to remedy the conduct and prevent
it from recurring, and makes a full and timely disclosure of the misconduct
to appropriate authorities.
The Open Letter went on to explain that the OIG would give more deference to
the self-disclosing provider when negotiating a CIA and, under certain circumstances,
might not even require a CIA as part of the resolution of the matter.
Report of Findings
In general, we found that when the OIG believed a CIA was necessary and where
there was objective evidence of a comprehensive compliance program, the OIG
often made two significant modifications in the CIA:
- A reduction in the term of the CIA from the
usual five year time period to three years; and
- A reduction of the role of the independent
review organization (IRO) in those cases where the provider was able to demonstrate
that it had an established system of internal audits.
These two modifications alone represent a significant benefit to the provider.
Other modifications generally focused on conforming the requirements of the
CIA to the provider's existing compliance infrastructure. These modifications
to the CIA were intended to promote continuity in the provider's ongoing compliance
program, as well as reduce the overall costs of such efforts.
Examples
The following examples identify some of the factors
considered in the process of negotiating a CIA in a self-disclosure case:(1)
- A rural hospital in the Southeast self-reported
that, while under former ownership and management, it had submitted claims
with information that was falsified to support reimbursement. The hospital
uncovered the false claims during the course of an internal audit performed
as part of its voluntary compliance program. In the fall of 2000, the hospital
agreed to resolve its financial and exclusion liability. The OIG did not impose
a CIA because the misconduct was committed by the former management and the
new management disclosed its findings to the Government as part of a comprehensive
pre-existing compliance program.
- A Northeast hospital system identified
that one of its teaching hospitals had submitted improper claims, i.e., they
did not have the proper documentation or were upcoded, to the Federal health
care programs. The hospital system uncovered the false claims during the course
of an internal audit performed as part of its voluntary compliance program.
In the summer of 2000, the hospital system agreed to resolve its False Claims
Act liability. The OIG did not impose a CIA because the hospital system disclosed
the misconduct to the
Government and the hospital system had a comprehensive pre-existing compliance
program.
- An acute care hospital in the Southwest -
one of several nonprofit affiliates of a larger health system - identified
that it had improperly coded claims to the Federal health care programs for
mammography services. The hospital uncovered the false claims during the course
of an internal audit performed as part of its voluntary compliance program.
In the summer of 2000, the hospital agreed to resolve its False Claims Act
liability. Because 1) the misconduct was isolated and distinct, 2) the hospital
disclosed its findings to the Government, 3) the damages to the Federal health
care programs were relatively small, and 4) the hospital had a comprehensive
pre-existing compliance program, the OIG did not impose a CIA.
- A rural hospital in the Northeast self-disclosed
that it had been submitting claims that were not in compliance with rules
governing coding, documentation and reimbursement for anesthesia services.
The hospital uncovered the false claims during the course of an internal audit
performed as part of its voluntary compliance program. In the fall of 2000,
the hospital agreed to resolve its False Claims Act liability. Since the hospital
disclosed its findings to the Government and had a comprehensive pre-existing
compliance program, the OIG imposed limited integrity measures for a term
of four years instead of five years, and permitted three years of internal
audits instead of external reviews by the IRO.
- A network
of physician clinics in the Northeast agreed in the spring of 2000 to resolve
its False Claims Act liability arising out of its submission of claims to
the Federal health care programs that violated Medicare's "incident to"
billing rules. The OIG imposed a CIA on the network for a term of five years.
However, the integrity obligations were tailored to the providers' pre-existing
compliance program. Furthermore, the physician clinics were allowed the opportunity
to qualify for internal annual reviews instead of reviews conducted by an
IRO.
- A mental
health facility in the Midwest agreed in the spring of 2000 to resolve its
False Claims Act liability arising out of its submission of claims to Medicaid
for non-reimburseable services. The facility uncovered the false claims during
the course of an internal audit performed as part of its compliance program.
Because the facility had disclosed the false claims to the Government, cooperated
with the Government to perform an internal audit, and had already implemented
a comprehensive pre-existing compliance program, the OIG made certain modifications
to the CIA. The OIG imposed corporate integrity obligations for a term of
three years instead of five years. Furthermore, the integrity measures were
tailored to the facility's pre-existing compliance program and the OIG allowed
internal annual reviews instead of IRO reviews.
- A national health system, which operates multiple
hospitals in 20 States, entered into a global settlement in the spring of
2000 to resolve its False Claims Act liability arising out of its upcoding
of pneumonia claims at several of its hospitals. The health system 1) disclosed
its problems with pneumonia claims, as well as additional problems, 2) cooperated
with the Government to perform an internal audit with mutually agreed upon
parameters, and 3) had implemented a comprehensive compliance program. Based
on these and other facts, the OIG made certain modifications to the CIA and
imposed a CIA for a term of three years instead of five years. Furthermore,
the corporate integrity measures conformed to the hospital system's comprehensive
pre-existing compliance program and the IRO review was limited to the covered
conduct.
- A nursing home in the Midwest identified
that it had been improperly waiving co-payment amounts for Part B services
rendered to Medicare beneficiaries for nursing and clinical laboratory services,
occupational and physical therapy and physician services. In the summer of
2000, the nursing home agreed to resolve its False Claims Act liability. Because
the hospital disclosed its findings to the Government and was in the process
of implementing a comprehensive compliance program, the OIG imposed a CIA
for a term of three years instead of five years and tailored the integrity
measures to the provider's pre-existing compliance program.
Conclusion
An informal review of the results of recent CIA negotiations confirms that
significant modifications are being made to agreements with health care providers
that have established compliance programs and have self-disclosed misconduct
to the Government. When negotiating a resolution to its administrative liability,
a provider is often able to limit the scope and reduce the cost of a CIA or,
in some instances, as a result of its self-disclosure and pre-existing compliance
efforts, avoid the imposition of a CIA.
FOOTNOTE:
1. Since litigation risks and other case-specific facts
may have influenced the resolution of the cases, the narratives do not represent
an all-inclusive discussion of all factors that were considered in the CIA decision-making
process. Understandably, the examples cannot be relied upon as precedents for
future CIA resolutions.