Health Law News

Print PDF

OIG Issues Updated Self-Disclosure Protocol

Posted on April 22, 2013 in Health Law News

Published by: Hall Render

Executive Summary

On April 17, 2013, the Office of Inspector General (“OIG”) issued an updated version of its Self-Disclosure Protocol (“Protocol”).  In 1998, the OIG published the original Protocol to establish a process for health care providers to voluntarily identify, disclose and resolve instances of potential fraud involving federal health care programs, particularly with respect to potential violations of the federal Anti-Kickback Statute (“AKS”) and the employment of, or contracting with, excluded persons.  The Protocol provided guidance on how to: (1) investigate the conduct; (2) quantify damages; and (3) report the conduct to the OIG to resolve a provider’s potential exposure under applicable federal laws.  Since first publishing the Protocol nearly 15 years ago, the OIG issued three Open Letters to the health care industry in 2006, 2008 and 2009 providing additional guidance related to the self-disclosure process.  The updated Protocol replaces the original 1998 version of the Protocol and supersedes these Open Letters.  The Protocol includes several key improvements that should make it a more attractive tool for disclosing parties to resolve instances of potential fraud involving federal health care programs.  A copy of the Protocol is available here.


Significant changes and clarifications in the Protocol include the following:

  • Disclosing parties are expected to disclose with a good faith willingness to resolve all liability within the Civil Monetary Penalties Law’s (“CMPL”) six-year statute of limitations;
  • Overpayment reporting and repayment obligations under the 60-day refund requirement are suspended pending settlement, withdrawal or removal from the Protocol;
  • Recognition of the use of various damage calculation methodologies that providers and the OIG have used for years that are specific to the type of conduct disclosed (including the OIG’s general practice to require a minimum multiplier of 1.5 times the single damages);
  • The OIG reaffirmed its presumption, included in the 2008 Open Letter, against requiring a Corporate Integrity Agreement when resolving disclosed conduct;
  • Setting a $10,000 minimum settlement amount for disclosures that do not involve potential AKS violations (AKS-related submissions remain subject to a $50,000 minimum settlement amount);
  • Billing-related disclosures must use a sample of at least 100 units and use the mean point when estimating damages;
  • Express acknowledgment that pharmaceutical and medical device manufacturers, who rarely used the Protocol in the past based on its focus on providers, may take advantage of the Protocol;
  • Disclosures may be submitted through the OIG’s website;
  • The elimination of certain detailed reporting requirements; and
  • Clarification that the OIG will coordinate with the Department of Justice to resolve any potential false claims liability.

In addition to these changes, the updated Protocol provides additional guidance specific to disclosures that involve AKS and Stark Law violations, excluded persons and false billing.

Disclosures Involving Anti-Kickback Statute and Stark Law

The OIG will continue to accept disclosures that involve potential violations of the AKS and disclosures involving potential violations of both the AKS and the Stark Law. (Stark Law only violations cannot be resolved through the OIG Protocol.)  The Protocol continues to require that disclosing providers clearly acknowledge that the disclosed arrangement(s) potentially violates the AKS and, if applicable, the Stark Law.  In addition, disclosing parties must include a narrative describing each disclosed arrangement with a concise statement of why each disclosed arrangement possibly violates the AKS and, if applicable, the Stark Law.  The Protocol also lists several examples of the type of information that the OIG finds helpful in assessing and resolving disclosed conduct.

Additionally, the OIG reaffirmed that its general approach for resolving potential AKS violations is to apply a multiplier to the remuneration conferred by the disclosing party to the entity or individual making the referral.  Although the OIG does require parties to submit an estimate of the amount paid by federal health care programs for services resulting from the potential violation, the use of a remuneration-based methodology for settlement purposes creates an additional incentive for disclosing AKS and Stark Law violations under the Protocol.

Disclosure Involving Excluded Persons

Like AKS-related disclosures, the Protocol provides more detailed guidance to providers for disclosures involving excluded persons.  For this type of disclosure, the disclosing provider must include certain specified information relating to the excluded person’s hire and employment as well as the disclosing provider’s general policies for screening persons against the OIG’s List of Excluded Individuals and Entities (“LEIE”).  Before disclosing the employment of, or the contracting with, an excluded individual or entity, the disclosing provider must screen all of its current employees and contractors against the LEIE.

In the Protocol, the OIG clarified how providers should calculate damages related to the employment of or the contracting with an excluded person.  If the disclosing provider employed or contracted with a person who directly bills federal health care programs for items or services such as a physician or pharmacist, the disclosure must include the total amount claimed and paid for by federal health care programs for these items and services.  If, on the other hand, the disclosure involves items or services that are not separately billable items or services, the OIG suggests that the disclosing provider may use a modified approach to calculating damages involving the excluded individual’s total salary and benefit expenses as applied to the provider’s appropriate federal health care program utilization rate.

Disclosures Involving False Billings

For disclosures that involve the submission of improper claims, disclosing providers are expected to conduct a review to estimate the total financial impact to government health care programs.  Depending on the volume, this estimation of damages should consider all affected claims or a statistically valid sample of claims that can be extrapolated to the universe of affected claims.  When conducting the financial impact analysis, the Protocol also prohibits the netting of underpayments and overpayments in the sample.

The Protocol requires that when a disclosing provider chooses to calculate the financial effect through a statistically valid sample, such sample must include, at a minimum, 100 claims and use the mean point estimate to calculate the financial effect.  In order to avoid large sample sizes, the OIG does not require a minimum precision level for review of the claims.  This leaves the disclosing provider some latitude to select the sample size as long as the sample size contains at least 100 claims.

Benefits of Disclosure/Practical Takeaways

The OIG reiterated its view of the significant benefits of self-disclosing potential fraud to the OIG, including that self-disclosure may mitigate a provider’s exposure since it confirms that the provider maintains a robust and effective compliance program.  As a result, the OIG reaffirmed its presumption against requiring a Corporate Integrity Agreement when resolving disclosed conduct.  In addition, the OIG restated its belief that providers that use the Protocol should be rewarded by paying lower damage amounts than would normally be required in a government-initiated investigation.

Overall, the updated Protocol is a positive development for providers that discover potential fraud involving federal health care programs.  While providers should continue to carefully analyze the facts and circumstances surrounding a potential violation before determining the best course of action for resolving the matter, the updated Protocol may offer a more flexible option for resolving these violations than had been the case under the prior version of the Protocol.  It also offers providers additional insight as to how the OIG will approach settlement of these matters.

If you have any questions regarding the Protocol, please contact: