OIG Publishes Solicitation for Recommendations to Improve the Health Care Provider Self-Disclosure Protocol

OIG Publishes Solicitation for Recommendations to Improve the Health Care Provider Self-Disclosure Protocol

The Office of Inspector General of the Department of Health and Human Services ("OIG") is asking all interested parties for information and recommendations on its existing Provider Self-Disclosure Protocol ("Protocol").[1] This significant request was published on June 18, 2012, to "inform[ ] the public that the OIG: (1) intends to update the Provider Self-Disclosure Protocol . . . and (2) solicits input from the public for OIG to consider in updating the Protocol."[2] All interested parties must submit comments to the OIG by 5 p.m. on August 17, 2012. The OIG will accept comments electronically at http://www.regulations.gov, by mail, or by hand.[3] Comments will be made publicly available. We urge all interested parties to submit comments to this important Protocol.

Self-Disclosure Protocol Background

The Protocol, published by the OIG in October 1998, provides a mechanism through which providers may voluntarily report to the OIG potential violations of criminal, civil, or administrative law governing federal health care programs for which exclusion or civil monetary penalties are authorized.[4] The Protocol is a critical reporting process for health care providers to utilize, as appropriate, for the formal resolution of matters with the OIG in a cooperative manner.[5] The Protocol is open to all health care providers of any industry, including individuals and entities.[6] "Health care provider" is not defined in the Protocol.[7]

The OIG has long held that health care providers have an obligation to take measures to detect and prevent fraud, waste, and abuse. OIG guidance regarding the elements of an effective corporate compliance program includes voluntary reporting to enforcement authorities when issues are identified.[8] The Protocol is designed to support the voluntary reporting obligations. As such, the Protocol provides guidance regarding investigating the conduct at issue, quantifying damages, and reporting the conduct to the OIG.[9]

Generally, to participate in the Protocol, a provider's initial written submission to the OIG must include: (i) the "basic information"[10] described in the Protocol; (ii) a complete description of the conduct being disclosed; (iii) a description of the provider's internal investigation or a commitment when it will be completed; (iv) an estimate of the damages to the federal health care programs and the methodology used to calculate the amount, or a commitment from the provider regarding when it will complete the estimate; and (v) a statement of the laws potentially violated by the conduct.[11] Upon receipt of a Protocol submission, the OIG determines whether to accept the provider into the Protocol. The provider must be in a position to complete the internal investigation and damages estimate within three months after acceptance into the Protocol.[12] Additionally, the OIG expects good faith participation, full cooperation, and timely responses from the provider.[13]

The OIG has provided additional guidance and clarifications regarding the Protocol since implementing the Protocol in October 1998. This guidance has been in the form of three Open Letters to health care providers, in 2006, 2008, and 2009.[14] Specifically, the 2006 Open Letter provided a self-reporting mechanism for potential violations of the physician self-referral Stark Law and anti-kickback laws.[15] Such violations are limited to those with an estimated settlement value of at least $50,000 and must be coupled with a disclosure of a "colorable" anti-kickback statute violation.[16] The 2008 Open Letter provided additional guidance to health care providers regarding the initial submission to the OIG and the OIG's expectations regarding the provider's cooperation with the OIG if accepted into the Protocol.[17] The 2009 Open Letter stated that settlements through the Protocol generally will not require the provider to enter into a Corporate Integrity Agreement or Certification of Compliance Agreement.[18]

The OIG also recently released videos and podcasts on its website related to the Protocol to further encourage providers to use this self-reporting mechanism.[19]

Key Considerations Regarding Solicitation of Comments

The OIG's solicitation seeks comments, recommendations, and other guidance from "concerned parties and organizations" to enhance its guidance to health care providers regarding the Protocol. This is a critical opportunity for health care providers and other interested parties to provide comments and recommend improvements to the Protocol that will make the process efficient and effective for all health care providers.

For example, health care providers may want to provide comments regarding how to streamline the reporting and resolution process. Health care providers also may want to seek clarification regarding Stark Law violations or overpayments that may implicate both the Protocol and relevant CMS reporting obligations.[20] Indirect providers, such as pharmaceutical, biotechnology, and medical device manufacturers, may want to consider submitting comments that describe how the Protocol should be revised to address the reporting obligations of this specific industry sector, including, by way of example, challenges associated with the calculation of damages. Additionally, as self-reporting is an important element in health care providers' corporate compliance programs, all providers should consider improvements to the Protocol that will aid in the implementation of an effective corporate compliance program. Epstein Becker Green is available to assist with drafting and submitting comments to the OIG.

* * *

This Client Alert was authored by Sarah K. diFrancesca, George B. Breen, and Wendy C. Goldstein. Benjamin M. Zegarelli, a Summer Associate (not admitted to the practice of law) in Epstein Becker Green's New York office, contributed significantly to the preparation of this alert. For additional information about the issues discussed in this Client Alert, please contact one of the authors or the Epstein Becker Green attorney who regularly handles your legal matters.

The Epstein Becker Green Client Alert is published by EBG's Health Care and Life Sciences practice to inform health care organizations of all types about significant new legal developments.

Lynn Shapiro Snyder, Esq.


[2] Id.

[3] The Federal Register Notice provides information regarding the submission of comments by regular mail, express mail, and hand delivery.

[4] 63 Fed. Reg. 58,399 (Oct. 30, 1998), available at http://oig.hhs.gov/compliance/self-disclosure-info/index.asp; Office of Inspector General, Dep't of Health & Human Serv., An Open Letter to Health Care Providers (Apr. 15, 2008), available at http://oig.hhs.gov/compliance/self-disclosure-info/index.asp [hereinafter 2008 Open Letter].

[5] 63 Fed. Reg. 58,400.

[6] Id.

[7] The definition used by the Department of Health and Human Services is "a provider of services (as defined in section 1861(u) of the Act, 42 U.S.C. 1395x(u)), a provider of medical or health services (as defined in section 1861(s) of the Act, 42 U.S.C. 1395x(s)), and any other person or organization who furnishes, bills, or is paid for health care in the normal course of business." 45 C.F.R. § 160.103.

[8] 63 Fed. Reg. 58,400.

[9] Id. at 58,401 — 58,403.

[10] Id. at 58,401.

[11] 2008 Open Letter, supra note 4.

[12] Id.

[13] Id.

[14] See Office of Inspector General, Dep't of Health & Human Serv., An Open Letter to Health Care Providers (Apr. 24, 2006), available at http://oig.hhs.gov/compliance/self-disclosure-info/index.asp [hereinafter 2006 Open Letter]; 2008 Open Letter, supra note 4; Office of Inspector General, Dep't of Health & Human Serv., An Open Letter to Health Care Providers (Mar. 24, 2009), available at http://oig.hhs.gov/compliance/self-disclosure-info/index.asp [hereinafter 2009 Open Letter].

[15] 2006 Open Letter, supra note 14. Stark Law violations may be disclosed to CMS through a separate self-referral disclosure protocol. See http://www.cms.gov/?Medicare/?Fraud-and-Abuse/?PhysicianSelfReferral/?Self_?Referral_?Disclosure_?Protocol.html. Additionally, Section 6402(a) of the Affordable Care Act, Pub. L. No. 111-148, 124 Stat. 119 (2010), requires CMS to establish another disclosure protocol relevant to certain overpayments identified by Medicare and Medicaid providers. See Medicare Program; Reporting and Returning of Overpayments (Proposed Rule), 77 Fed. Reg. 9719 (Feb. 16, 2012), available at http://www.gpo.gov/fdsys/pkg/FR-2012-02-16/pdf/2012-3642.pdf. For more information on this proposed rule, see the Epstein Becker Green Client Alert at /publications/health-reform-the-clock-is-ticking-cms-issues-a-proposed-rule-on-reporting-and-returning-overpayments/.

[16] 2009 Open Letter, supra note 14.

[17] 2008 Open Letter, supra note 4.

[18] 2008 Open Letter, supra note 4.

[20] See supra note 15.