OIG’s Revised Self-Disclosure Protocol: Top Takeaways

08 November 2021 Health Care Law Today Blog
Author(s): Judith A. Waltz Olivia Benjamin (King)

On November 8, 2021, the Department of Health & Human Services (HHS) Office of Inspector General (OIG) released a revised and renamed Provider Self-Disclosure Protocol: the OIG “Health Care Fraud Self-Disclosure” protocol (SDP). This is the first revision to the SDP since 2013.

The SDP is limited to matters that involve potential violations of Federal criminal, civil or administrative law for which civil monetary penalties (CMPs) are authorized. As described on the OIG website, “Self-disclosure gives persons the opportunity to avoid the costs and disruptions associated with a Government-directed investigation and civil or administrative litigation.” One expectation of the SDP is that the provider or supplier identify its corrective action(s). Specifically, the problematic conduct should have stopped prior to disclosure or be in the process of termination, and all other necessary corrective action should be complete and effective at the time of disclosure. 

Below, we describe the top takeaways from the revised SDP and what organizations should know before starting the self-disclosure process.

Minimum Settlement Amounts: Doubled

In the revised SDP, OIG doubles the minimum settlement amounts required to resolve matters accepted into the SDP. For kickback related matters, OIG increased the minimum settlement amount from $50,000 to $100,000. For all other matters accepted into the SDP, OIG increased the minimum settlement amount from $10,000 to $20,000. These increases track the increased CMP maximum imposed by the Bipartisan Budget Act of 2018. (Current CMP maximum adjusted penalties can be found at 45 C.F.R. § 102.3.)

OIG’s Grant and Contractor Self-Disclosure Programs

With the revised SDP, OIG clarifies that the SDP is not an appropriate vehicle for disclosures related to recipients of HHS grants, or for federal contractors. Rather, OIG states that these matters should be disclosed through OIG’s Grant Self-Disclosure Program and OIG’s Contractor Self-Disclosure Program.

Organizations under Corporate Integrity Agreements (CIA)

OIG allows organizations under CIAs to use the SDP, but with this revision, requires the organization to reference the fact that it is subject to a CIA, and send a copy of the disclosure to its OIG monitor. OIG clarifies that any disclosure that constitutes a reportable event (as defined by the CIA) must be reported to OIG.

Itemized Damages

OIG requires that parties provide an estimate of damages. With the revised SDP, OIG clarifies that this estimate must include an itemization of damages for each Federal health care program, and a total of damages for all Federal health care programs.

OIG’s Coordination with the Department of Justice (DOJ)

In the SDP, OIG states that it will coordinate with DOJ to resolve civil and criminal matters. OIG states that it will “advocate that the disclosing party receives a benefit from disclosure under the SDP” for civil matters. In the last [prior] version of the SDP, OIG included this same language regarding criminal matters. However, OIG removed this reference for criminal matters in the revised SDP. Whether the SDP’s current advocacy limitation to civil matters will be significant will, of course, remain to be seen as new cases work their way through the SDP process. The Sentencing Guidelines used for criminal cases continue to reflect “credit” for compliance efforts, but the SDP’s advocacy change may reflect an increasing intolerance for health care fraud that is thought to rise to a level of criminality, or it may reflect a realignment of delegation enforcement authorities. OIG also notes that any disclosure of criminal conduct through the SDP will be referred to DOJ for resolution. 

Updated Statistics

OIG provided updated statistics regarding the SDP process. Specifically, between 1998 and 2020, OIG has resolved over 2,200 disclosures, which resulted in OIG recovering more than $870 million for Federal health care programs. Between 2016 and 2020, OIG resolved 330 SDP cases through settlements, and released all disclosing parties from permissive exclusion without requiring any integrity measures. 

Online Submission Required

OIG previously allowed organizations to submit disclosures to the SDP via mail. With the revised SDP, OIG is now requiring all submissions through its website.


OIG’s revised SDP confirms OIG’s continued expectation that providers and suppliers will identify, rectify, and resolve instances of potential fraud involving the Federal health care programs. In essence, the SDP provides an “exit strategy” for resolution of risk. To take advantage of the SDP, providers and suppliers must have an active and effective compliance program that can identify potentially fraudulent conduct and be able to stop it and address the consequences. 

Visit Foley's Health Care Regulatory Group for more information on health care fraud and abuse, reimbursement, compliance, and more. Foley’s objective is to make certain that our health care clients are in the best position to avoid, or successfully defend, regulatory violations. Please reach out to the authors, your Foley relationship partner, or to anyone on our Health Care Regulatory Group with any questions.

This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.

Related Services