On November 8, 2021, the Department of Health & Human Services (HHS) Office of Inspector General (OIG) released a revised and renamed Provider Self-Disclosure Protocol: the OIG “Health Care Fraud Self-Disclosure” protocol (SDP). This is the first revision to the SDP since 2013.
The SDP is limited to matters that involve potential violations of Federal criminal, civil or administrative law for which civil monetary penalties (CMPs) are authorized. As described on the OIG website, “Self-disclosure gives persons the opportunity to avoid the costs and disruptions associated with a Government-directed investigation and civil or administrative litigation.” One expectation of the SDP is that the provider or supplier identify its corrective action(s). Specifically, the problematic conduct should have stopped prior to disclosure or be in the process of termination, and all other necessary corrective action should be complete and effective at the time of disclosure.
Below, we describe the top takeaways from the revised SDP and what organizations should know before starting the self-disclosure process.
In the revised SDP, OIG doubles the minimum settlement amounts required to resolve matters accepted into the SDP. For kickback related matters, OIG increased the minimum settlement amount from $50,000 to $100,000. For all other matters accepted into the SDP, OIG increased the minimum settlement amount from $10,000 to $20,000. These increases track the increased CMP maximum imposed by the Bipartisan Budget Act of 2018. (Current CMP maximum adjusted penalties can be found at 45 C.F.R. § 102.3.)
With the revised SDP, OIG clarifies that the SDP is not an appropriate vehicle for disclosures related to recipients of HHS grants, or for federal contractors. Rather, OIG states that these matters should be disclosed through OIG’s Grant Self-Disclosure Program and OIG’s Contractor Self-Disclosure Program.
OIG allows organizations under CIAs to use the SDP, but with this revision, requires the organization to reference the fact that it is subject to a CIA, and send a copy of the disclosure to its OIG monitor. OIG clarifies that any disclosure that constitutes a reportable event (as defined by the CIA) must be reported to OIG.
OIG requires that parties provide an estimate of damages. With the revised SDP, OIG clarifies that this estimate must include an itemization of damages for each Federal health care program, and a total of damages for all Federal health care programs.
In the SDP, OIG states that it will coordinate with DOJ to resolve civil and criminal matters. OIG states that it will “advocate that the disclosing party receives a benefit from disclosure under the SDP” for civil matters. In the last [prior] version of the SDP, OIG included this same language regarding criminal matters. However, OIG removed this reference for criminal matters in the revised SDP. Whether the SDP’s current advocacy limitation to civil matters will be significant will, of course, remain to be seen as new cases work their way through the SDP process. The Sentencing Guidelines used for criminal cases continue to reflect “credit” for compliance efforts, but the SDP’s advocacy change may reflect an increasing intolerance for health care fraud that is thought to rise to a level of criminality, or it may reflect a realignment of delegation enforcement authorities. OIG also notes that any disclosure of criminal conduct through the SDP will be referred to DOJ for resolution.
OIG provided updated statistics regarding the SDP process. Specifically, between 1998 and 2020, OIG has resolved over 2,200 disclosures, which resulted in OIG recovering more than $870 million for Federal health care programs. Between 2016 and 2020, OIG resolved 330 SDP cases through settlements, and released all disclosing parties from permissive exclusion without requiring any integrity measures.
OIG previously allowed organizations to submit disclosures to the SDP via mail. With the revised SDP, OIG is now requiring all submissions through its website.
OIG’s revised SDP confirms OIG’s continued expectation that providers and suppliers will identify, rectify, and resolve instances of potential fraud involving the Federal health care programs. In essence, the SDP provides an “exit strategy” for resolution of risk. To take advantage of the SDP, providers and suppliers must have an active and effective compliance program that can identify potentially fraudulent conduct and be able to stop it and address the consequences.
Visit Foley's Health Care Regulatory Group for more information on health care fraud and abuse, reimbursement, compliance, and more. Foley’s objective is to make certain that our health care clients are in the best position to avoid, or successfully defend, regulatory violations. Please reach out to the authors, your Foley relationship partner, or to anyone on our Health Care Regulatory Group with any questions.