OIG ISSUES NEW VOLUNTARY DISCLOSURE PROTOCOL

OIG ISSUES NEW VOLUNTARY DISCLOSURE PROTOCOL

Andrew B. Wachler and Phyllis A. Avery
Wachler & Kopson, P.C. Royal Oak, MI

Introduction
The Office of Inspector General {"OIG") of the Department of Health and Human Services has published a Provider Self-Disclosure Protocol aimed at encouraging health care providers who may have engaged in fraudulent and abusive practices to come forward and disclose this information to the OIG. 63 Fed. Reg. 58399 (October 30, 1998). Unlike a pilot voluntary disclosure program introduced in 1995 as part of Operation Restore Trust, the new self-disclosure initiative is open to all providers nationwide including those providers that are already subject to a government inquiry (audit or investigation).

Like the Operation Restore Trust disclosure program, however, the new self-disclosure initiative makes no promises that the disclosures will not result in criminal or civil actions against the disclosing provider. Indeed, the Protocol specifically states that the OIG is not obligated to resolve a matter in any particular manner and that the OIG may conclude that the disclosed matter warrants a referral to the Department of Justice for consideration for criminal or civil action against the provider. It remains to be seen whether this new voluntary disclosure program will prove more successful than the Operation Restore Trust pilot disclosure program. The success or failure of the Self-Disclosure Protocol will depend upon the OIG's implementation of the Protocol and whether it is perceived as treating providers who self-disclose fairly.

New Self-Disclosure Protocol
In 1995, Operation Restore Trust was introduced as an anti-fraud initiative focused on the durable medical equipment, home health, nursing home, and hospice care industries. The pilot voluntary disclosure program, which was available to these entities in five select states, failed to garner significant interest. The pilot program, which ended in June 1997, accepted only about a few providers into the voluntary disclosure program. The OIG hopes that the new Self-Disclosure Protocol will prove more successful.

The OIG has introduced its Self-Disclosure Protocol by explaining the OIG's belief that health care providers who participate in Medicare, Medicaid and other Federal health care programs have an ethical and legal duty to ensure the integrity of their dealings with these programs. Specifically, the OIG states that "[t]his duty includes an obligation to take measures, such as instituting a compliance program, to detect and prevent fraudulent, abusive and wasteful activities." The OIG expects that providers will implement procedures and mechanisms for the purpose of examining and resolving issues relating to non-compliance. The Self-Disclosure Protocol is designed to encourage providers who discover irregularities to investigate the matter, assess the potential loss to the government program, and then voluntarily disclose this information.

The OIG touts the new self-disclosure protocol as offering the opportunity to minimize potential cost and disruption of a full scale audit and investigation, to negotiate a fair monetary settlement, and to avoid an OIG permissive exclusion preventing the provider from doing business with Medicare, Medicaid or other Federal health care programs. The Protocol indicates that the OIG will "generally" agree, "for a reasonable period of time," to forego an investigation of the matter if the provider agrees that it will conduct an internal review in accordance with the Protocol's guidelines for these reviews. As noted, however, the OIG is not making any commitments as to how a particular disclosure will be resolved or as to the specific benefit that will inure to a disclosing entity. Further, once the provider has given the OIG detailed information and documentation concerning an "irregularity," the OIG may decide that the matter warrants a referral to the Department of Justice for consideration under its civil and/or criminal authorities.

Information to be Disclosed
Providers who are interested in disclosing information concerning irregularities are asked to submit the disclosure in writing to the OIG and are asked to: (1) include information identifying the providers and entities involved; (2) indicate whether the provider has knowledge of a current government or contractor inquiry into the matter; (3) provide a full description of the matter including the type of claim, transaction or conduct involved; (4) identify the type of provider and the provider's billing numbers; (5) set forth the reasons why the provider believes there may have been a violation of a criminal, civil or administrative law; and (6) certify that the information submitted to the OIG is truthful and is based upon a good faith effort to notify the government in order to resolve potential liabilities.

The Protocol states that a disclosure report should include a written narrative that, among other things, identifies the potential causes of the incident or practice such as "intentional conduct" or "circumvention of corporate procedures or Government regulations." It also states that a disclosure report should identify "corporate officials, employees or agents who knew of, encouraged, or participated in" the incident or practice. Further, according to the Protocol, the report should identify the "corporate officials, employees or agents who should have known of, but failed to detect" the incident or practice at issue. By requiring this information, the OIG may be laying a trap for the unwary provider. These inquiries seek answers to legal questions involving the basic elements of criminal and civil actions which the government may bring against a provider. For example, in order to impose civil monetary penalties upon a provider, the government would have to prove that the provider "knew or should have known" that the claims were false or fraudulent. Under the Federal criminal False Claims Act, the government must show that a provider made or presented claims for payment "knowing" that the claims were false, fictitious, or fraudulent. Through the Self-Disclosure Protocol, the OIG is asking providers to make admissions regarding their intent and knowledge which the government would otherwise have the burden of proving in an action against the provider. Further, these are specific legal terms that may not have the same meaning to a layperson. The result could be that providers may make admissions of liability without recognizing the legal consequences of their statements.

In addition, upon receipt of the provider's disclosure submission, the OIG will take steps to verify the information submitted. The Protocol reflects that in order to do so the OIG must "have access to all audit work papers and other supporting documents without the assertion of privileges or limitations on the information produced." The Protocol does state that "in the normal course," the OIG will not request documents protected by the attorney-client privilege, but if it believes these materials are necessary it will seek to work with the provider's counsel to obtain the information without waiving the protections of the privilege. The Protocol does not specify how the OIG will respond if a provider is unwilling to provide information protected by the attorney-client privilege. Additionally, if, during its verification efforts the OIG uncovers another matter outside the scope of the matter being disclosed, the OIG may treat the new matter as outside the Protocol. This fact may not be terribly significant, however, since the Protocol provides no guaranteed protection for the provider for matters handled within the Protocol. However, if the OIG uncovers something that the provider did not disclose, this may have an impact on the OIG's willingness to work cooperatively with the provider.

Interestingly, once a provider has conducted an internal investigation and determined that some amount is due to a government program, the OIG will not accept repayment of the overpayment until it completes its inquiry. Further, the Protocol states that the provider must refrain from making the repayment to the Federal health care program involved or the relevant contractor without the OIG's prior consent. Even if the OIG consents to the repayment, it will make the provider sign an agreement that acceptance of the payment does not constitute the government's agreement to the amount of loss suffered and that it does not affect the government's ability to pursue criminal, civil or administrative remedies.

Conclusion
Providers considering making disclosures under the Protocol are well advised to seek legal counsel from health care specialists before making any determinations regarding self-disclosure. While the Protocol is clearly an effort by the OIG to encourage self-disclosure as a means of combating perceived fraud and abuse in the health care industry, self-disclosure under the Protocol involves significant risks without any guaranteed benefit. Providers may be better served by making a commitment to compliance through adoption of a well thought out corporate compliance program. Health care attorneys who work with providers to develop and implement corporate compliance programs may be in the best position to help providers fulfill their duty of compliance while minimizing the risk of adverse actions.

Wachler & Kopson, P.C. concentrates its practice in representing physicians, physician organizations, hospitals, physician-hospital organizations, hospices, integrated health care delivery systems, managed care organizations, nursing facilities, medical societies, and durable medical equipment suppliers and other health care entities in all areas relating to health care including third-party payor reimbursement and billing issues, fraud and abuse analysis, corporate compliance plans, managed care, health care business transactions, health insurance litigation, staff privileges, licensure, and employment matters.