On April 18, the OIG updated the criteria it uses to determine whether exclusion or a lesser penalty is the appropriate remedy – underscoring the renewed emphasis the OIG is placing on this important weapon in its arsenal to fight against fraud and abuse.
The Office of Inspector General (OIG) has the authority to exclude individuals or entities (collectively “person”) that engage in illegal or fraudulent conduct from participation in Federal health care programs to protect the programs from further risk. An excluded person may not prescribe, order or furnish services and may not receive payment from Federal health care programs. Exclusions are the “death knell” for the Medicare provider and mandatory exclusions last a minimum of 5 years and some can be indefinite.
A full explanation of the newly updated criteria can be found HERE. The criteria is non-binding, but gives insight into what the OIG expects from providers – with harsh penalties for those who are likely to continue to commit fraud and less serious penalties for those who have an active compliance program in place and who self-disclose potential fraud.
All health care fraud cases are evaluated by the OIG against a risk spectrum from high risk to no risk of the person continuing to pose a threat to federal health programs. The risk level determines the penalty imposed by the OIG.
When a violation is found the OIG presumes that there is high risk to federal health care programs and the person should be excluded for some period of time to prevent further fraud. It is up to the person to combat the presumption and prove that exclusion is not necessary.
The OIG evaluates four categories using the following criteria to assess whether the person poses a high risk to federal healthcare programs. Each factor can indicate higher risk, lower risk or be neutral to the assessment.
Nature and Circumstances of the Conduct
- Did it cause harm to individuals? Harm increases the risk level, but a lack of patient harm does not decrease the risk level.
- What is the extent of financial loss to federal health care programs? The greater the loss the higher the risk will be.
- Was the conduct part of a pattern of wrongdoing?
- Was the conduct ongoing and/or occur over a substantial period of time?
- Did an individual with leadership responsibilities lead, organize or plan the unlawful conduct?
- Does the person have a history of fraudulent conduct? A prior CIA, prior refusal to enter a CIA or prior breach of a CIA all indicate higher risk.
Conduct During the Government’s Investigation
- Did the person obstruct the investigation, conceal information?
- Did the person fail to comply with a subpoena? Prompt response to a subpoena is expected and does not decrease the risk.
- Did the person conduct an internal investigation before becoming aware of the government’s investigation? Sharing the results of the investigation or self-disclosing to the government after the internal investigation indicate lower risk.
- Does the person clearly demonstrate acceptance of responsibility for the conduct?
- Did the person cooperate with the investigation? Did the cooperation result in action against or resolution with other individuals or entities? These indicate lower risk
- Was there an adverse licensure action as a result of the conduct?
- Was there a criminal resolution?
- Can the individual pay the appropriate amount to resolve the case?
Significant Ameliorative Efforts
- Has the person taken appropriate disciplinary action against responsible individuals?
- Has the person dedicated significantly more resources to the compliance function?
- Since the end of the conduct has the entity been sold in an arms-length transaction to an independent third party?
- Has a licensed individual taken steps to improve his ability to practice as a provider?
History of Compliance
- Prior to becoming aware of the investigation does the person have a history of good-faith self-disclosures?
- Does the person have a compliance program incorporating the seven essential elements? The presence of one does not lower the risk, but the absence of one indicates higher risk.
What this means is that simply having a compliance program is no longer enough to avoid significant penalties after an investigation. Your compliance program must be active and have the resources necessary to conduct regular internal audits, investigate detected and reported misconduct, enforce policies consistently, increase compliance efforts when problems arise and self-disclose when appropriate.