2015 Year-End Health Care Compliance and Enforcement Update – Providers

February 18, 2016

This past year marked 50 years since the establishment of the federal Medicare and Medicaid programs, but U.S. enforcement agencies did more than commemorate the programs’ anniversary in 2015.  Both the U.S. Department of Justice ("DOJ") and the U.S. Department of Health and Human Services ("HHS") continued to develop new and more robust ways to pursue fraud, waste, and abuse in federal and state health care programs, and the proof was in the prosecutions.  On the heels of a record-breaking 2014, 2015 proved to be yet another blockbuster year in health care fraud and abuse enforcement.

The past twelve months demonstrated that health care providers of all shapes and sizes remain in the government’s crosshairs.  Even after years of regulatory and enforcement initiatives, the government managed to expand its efforts in significant ways in 2015.  Among other notable developments, the government’s False Claims Act ("FCA") provider enforcement figures far surpassed last year’s record-breaking numbers in both the number of resolutions and the recovery amounts; the DOJ notched its largest criminal health care fraud takedown in the department’s history; and HHS’s Office of Inspector General ("HHS OIG") increased its enforcement efforts, using its civil monetary penalty and exclusion authorities.  Meanwhile, on the legislative front, the U.S. House of Representatives’ passed the ground-breaking 21st Century Cures Act, which supports health care infrastructure innovation, including health information technology interoperability.

As in our 2014 Year-End Health Care Compliance and Enforcement Update on Providers ("2014 Year-End Update"), we discuss below regulatory and enforcement developments impacting health care providers.  This update first addresses DOJ enforcement activity against health care providers specifically relating to civil and criminal FCA cases.  Next, we discuss notable HHS enforcement activity, followed by Anti-Kickback Statute ("AKS") and Stark Law developments from this past year.  Finally, we turn to significant government health program payment and reimbursement matters that developed during 2015.  A collection of Gibson Dunn’s recent publications on health care issues impacting providers may be found on our website.

I.          DOJ Enforcement Activity

DOJ has shown no signs of slowing its vigorous pursuit of health care fraud and enforcement cases in 2015.  To the contrary, this year’s comments by Assistant Attorney General Leslie Caldwell indicate that the government continues to look for ways to expand those efforts.  During her speech at the American Bar Association’s 25th Annual National Institute on Health Care Fraud, AAG Caldwell stated that DOJ will put a "high priority" on pursuing health care fraud cases against corporations and executives, and that she expects this to be a "growing" part of DOJ’s docket.[1] 

AAG Caldwell also identified several areas of "emerging fraud trends" as "the latest frontiers in Medicare fraud": namely, cases involving Medicare Part D, laboratory services, hospital-based services, and hospice care.[2]  Of course, these areas have been under scrutiny in the FCA enforcement space for some time, and in 2015, the government and relators alike continued to press cases involving these and other provider services with even greater fervor than before. 

Indeed, the number of open health care fraud investigations of corporations multiplied in 2015, as DOJ "steer[ed] additional prosecutorial resources to this area" and expanded its use of data mining techniques to identify and pursue potential targets.[3]  DOJ publicized its dedication to health care enforcement recently, emphasizing the outsized role health care resolutions played in the department’s overall FCA recoveries during Fiscal Year 2015.[4]  Below we summarize the government’s 2015 enforcement efforts against providers in the FCA and criminal spaces.

            A.                False Claims Act

With record numbers of new cases filed almost every year over the past five years,[5] it should be no surprise that 2015 was another banner year for the government in FCA recoveries from health care providers.  The government–and private whistleblowers (called qui tam "relators" under the FCA)–regularly employ the FCA to enforce all manner of government health program rules.  Regardless of the health program rule at issue, the stakes are high in FCA cases:  many providers submit thousands of claims to government payors each year, and thus the FCA’s per-claim penalty range of $5,500 to $11,000 creates staggering potential exposure even aside from the statute’s mandatory treble damages.  As we explained in our 2015 Year-End False Claims Act Update, that penalty range may almost double in 2016 and the years to come.

                        1.                  FCA Recoveries from Providers

DOJ’s enhanced efforts in the health care fraud space allowed it to top its remarkable recoveries from health care providers last year.  This year’s 195 FCA settlements against providers far surpassed the 77 from 2014, and the total recoveries–over $1.9 billion–greatly exceeded the $1.2 billion recovered in 2014.[6] 

The 2015 settlements reflect a broad range of industries and legal theories, as exhibited in the graphs below.

Number of FCA Settlements with Providers, by Provider Type:

As in prior years, cases against hospitals, clinics, and single providers led the way in terms of FCA resolutions in 2015; of those, recoveries from hospitals (just over $808 million), not surprisingly, far outpaced recoveries from smaller providers (just over $51.3 million).

Number of FCA Settlements with Providers, by Allegation Type:

Also consistent with recent trends, the resolved matters primarily involved allegations that the provider’s care lacked medical necessity, although a significant number of cases were predicated on alleged AKS and Stark Law violations.[7] 

In medical necessity cases, the government often pursues enforcement of myriad health program rules under the FCA on the theory that some of those rules are conditions of government payment. Under the government’s theory, providers that violate any such conditions may not receive reimbursement even for care that they provided.  Thus, although the government alleges that these FCA cases are, at their core, about whether the care was "reasonable and necessary," they are often much more varied and complex, and may involve very specific program rules.  This year was a banner year for large settlements in the medical necessity space, with two settlements in this area topping $200 million. 

In October, following government intervention in a qui tam action, Millennium Health, a laboratory, paid the second largest settlement of the year ($256 million).[8]  In that case, the government intervened and asserted that the company performed medically unnecessary urine drug and genetic tests and violated the AKS and Stark Laws by providing physicians free urine testing supplies in exchange for referrals.  Those allegations led to $237 million of the total recovery.[9]  The remainder–$19.2 million–was allocated to settle various administrative actions with CMS for administrative violations associated with the company’s billing practices.  In addition, Millennium Health entered into a five-year Corporate Integrity Agreement ("CIA").[10]   

The third largest monetary resolution of 2015, which resulted from a nationwide review of implantable cardioverter defibrillators ("ICDs"), was also the broadest resolution in terms of its scope.[11]  The review, which began with a qui tam suit filed in the U.S. District Court for the Southern District of Florida, resulted in settlements totaling $250 million, with 70 defendants representing over 450 different hospitals.[12]   The government alleged that the practitioners failed to abide by a "waiting period" between significant cardiac events and the implanting of ICDs.[13]  The scope of the settlement could continue to increase as DOJ continues its investigation into additional hospitals and health systems.[14] The breadth of this settlement serves as a reminder that the government continues to pursue opportunities to capitalize on large-scale investigations.

Other medical necessity cases this year involved allegations that companies provided services at a level of care that was unnecessary, even if the type of service itself was appropriate for a patient’s specific condition.  The largest such settlement in 2015 was a $28 million agreement reached with 32 hospitals across 15 states for allegedly billing inpatient services that could have been performed on an outpatient basis.[15]  Covenant Hospice Inc. also agreed to pay $10.1 million for allegedly overbilling Medicare, TRICARE, and Medicaid for higher levels of hospice care unsupported by the documentation in the patient’s medical record.[16] 

Cases premised on violations of anti-kickback statutes have long represented one of the most common theories of FCA liability.  2015 was no exception, as alleged violations of the AKS and Stark Law–which often go hand-in-hand–made up the largest categories of settlements next to medical necessity cases.  Indeed, seven other settlements (in addition to the large Millennium Health settlement) involved alleged violations of both the AKS and the Stark Law and ranged in total value from $520,000 to $ 22.1 million.[17] 

The past year’s AKS settlements demonstrate the extent to which the government scrutinizes the value of services provided when determining whether the true purpose of a financial arrangement was to induce referrals.[18]  Indeed, the types of the arrangements at issue in these cases varied widely, from monetary grants[19] to less direct forms of remuneration, such as the provision of free medical supplies.[20] 

In June, Hebrew Homes Health Network ("Hebrew Homes"), a nursing facility, paid $17 million to resolve allegations that it violated the AKS; this is the largest AKS-based FCA recovery to date against a nursing facility.[21]  The government alleged that Hebrew Homes had a practice of hiring physicians for meaningless "medical director" positions for the exclusive purpose of providing the physicians with compensation in exchange for referrals.  Notably, a new HHS OIG fraud alert addressed these types of arrangements, as we discuss in more detail in Part III.B.  The Hebrew Homes settlement also highlights DOJ’s growing focus on cases involving nursing homes and skilled nursing facilities ("SNFs"), and may preview further actions to come.

The year 2015 also saw five FCA settlements in which alleged Stark Law violations were the sole theory of FCA liability.  Although the Stark Law itself is a strict liability statute, the government and FCA relators often allege that, because Stark Law compliance is a condition of government payment, knowing violations of the statute are actionable under the FCA.  Settlements of cases focused on alleged Stark Law violations in 2015 ranged from $3 million[22] to $69.5 million.[23]  Other notable Stark Law developments are discussed in more detail in Part IV. 

Finally, 2015 also brought a new record recovery in an FCA case in which the government declined to intervene, as DaVita Healthcare Partners, Inc. paid $450 million to resolve allegations that the company submitted false claims for payment of drugs "wasted" in the administration of treatment to dialysis patients.[24]  At the time of the allegations, the Medicare program reimbursed dialysis providers for certain discarded drug product–for example, where the dosage of pre-packaged vials exceeded the amount prescribed for a given patient–where the provider was acting in good faith.[25]  In the settled qui tam action, two relators had alleged that DaVita sought to maximize reimbursement by using "dosing grids" and enacting protocols on dosage size and frequency to maximize the amount of drugs administered, resulting in unnecessary waste.[26]

                        2.                  State FCA Settlements

Although federal recoveries in the FCA space outpaced recoveries by state agencies, this past year was a banner year for the states as well.  In 2015, the total dollar value of recoveries by state agencies from health care providers topped $75 million.[27] 

The biggest recovery in a state-run investigation this year was New York’s $22.4 million recovery from Trinity Homecare LLC for improperly billing for an injectable drug for treating at-risk premature infants.[28]  According to the allegations, Trinity Homecare submitted claims to Medicaid even though it lacked documentation showing there was a valid prescription, or failed to maintain records demonstrating it delivered the drug.[29]  The Trinity settlement is remarkable because of its size and the fact that a federal agency was not a driving force in the matter.           

            B.                 FCA-Related Case Law Developments

In 2015, there were several significant decisions in cases that are testing civil FCA liability standards.  These developments have the potential to reshape plaintiff and defense strategies in FCA matters.  The questions for 2016 will be whether appellate courts will allow the precedential value of these developments to stand and whether, in the meantime, district courts in other jurisdictions will follow these decisions as persuasive authority.

                        1.                  Implied Certification

As discussed in more detail in our 2015 Year-End FCA Update, the Supreme Court granted certiorari in December in a case that may cabin the government’s and relators’ use of the implied certification theory of FCA falsity.  Under the implied certification theory, the government or relators allege that a government contractor’s claim for reimbursement implies that the contractor has complied with conditions of payment, which may be found in statutes, regulations, and contractual obligations.  In Escobar, relators sought to impose FCA liability on a mental health clinic for submitting a Medicaid reimbursement claim while allegedly in violation of state licensing and supervision regulations.  The two questions on which the Supreme Court granted certiorari in Escobar are:

1.      Whether the "implied certification" theory of legal falsity under the FCA . . . is viable.

2.      If the "implied certification" theory is viable, whether a government contractor’s reimbursement claim can be legally "false" under that theory if the provider failed to comply with a statute, regulation, or contractual provision that does not state that it is a condition of payment . . . or whether liability for a legally "false" reimbursement claim requires that the statute, regulation, or contractual provision expressly state that it is a condition of payment . . . .[30]

Because the implied certification theory underpins many FCA actions against providers–especially those premised on Medicare and Medicaid regulations–the Supreme Court’s Escobar decision may dispose of some suits and alter the landscape for many others. 

                        2.                  Falsity

In United States ex rel. Paradies v. AseraCare, Inc., one of the most closely watched FCA cases of the year, the U.S. District Court for the Northern District of Alabama bifurcated the trial.  The court decided to address initially the question of whether the defendant submitted false claims and then, as necessary, evaluate all other elements of the government’s case, including knowledge.[31]  We are not aware of another decision to bifurcate a trial in this way in the storied 150-year history of the FCA.  

During the trial’s first stage, the government’s only evidence of falsity consisted of a medical expert’s opinion.[32]  Nevertheless, the jurors sided with the government.  But, after the verdict, the court acknowledged that it "misstepped" by not advising the jury that the FCA requires proof of an objective falsehood and that "a mere difference of opinion, without more, is not enough to show falsity."[33]  The court granted AseraCare’s motion for a new trial and decided, sua sponte, to reconsider whether summary judgment on the issue of falsity would be appropriate.[34]  At the heart of the court’s order was its conclusion that FCA liability requires objective falsity (rather than a mere subjective difference in medical opinion between physicians).[35]  This case will be instrumental in defending future FCA actions that primarily rely on differing medical opinions.

Based on the evidence presented at trial–where even the government’s own witnesses noted that their opinions about the propriety of treatment had changed during the course of their review of the patient files at issue–it seems that AseraCare is poised to defeat the government’s action.  If AseraCare succeeds, an appeal to the Eleventh Circuit Court of Appeals is almost inevitable.  In any event, AseraCare seems likely to remain at the forefront of discussion regarding the FCA’s scope, and we will continue to monitor and report on important developments in the case.    

                        3.                  Statistical Sampling

As we reported in our 2014 Year End Update, two courts last year endorsed the use of statistical methods to draw conclusions about liability for a broad universe of claims based on a smaller sample.[36]  In the LifeCare and AseraCare cases from 2014, the courts allowed, at least preliminarily, the government to seek expansive liability for thousands of claims (and the associated, potentially massive damages and penalties) without establishing the falsity of each claim at issue.  In 2015, two more district courts followed suit.[37]   

In United States ex rel. Ruckh v. Genoa Healthcare LLC, the relator alleged that the defendant engaged in "flagrant upcoding" at fifty-three nursing facilities and sought to introduce expert testimony based on statistical sampling on the grounds that an individual analysis of each claim form was impractical.[38]  The defendant moved to exclude the statistical sampling evidence, arguing that "statistical sampling and extrapolation cannot form the basis for liability in a [qui tam] case due to the lack of individual proof."[39]  In denying the defendant’s motion, the U.S. District Court for the Middle District of Florida concluded that "no universal ban on expert testimony based on statistical sampling applies in a qui tam action (or elsewhere), and no expert testimony is excludable in this action for that sole reason (although defects in method, among other evidentiary defects, might result in exclusion)."[40]   

Similarly, in United States v. Robinson, the U.S. District Court for the Eastern District of Kentucky admitted statistical sampling in an FCA action against a physician and his employer for false claims submissions.  The defendant argued that "the United States should not be allowed to focus on the specifics of only 30 claims out of 25,779 in order to establish violations under the FCA or as a basis for extrapolation of damages"; rather, according to the defendant, the court should conduct a claim-by-claim review of each claim at issue.[41]  But the court disagreed, noting that "statistical sampling methods and extrapolation have been accepted in the Sixth Circuit and in other jurisdictions as reliable and acceptable evidence in determining facts related to FCA claims as well as other adjudicative facts."[42]

The government’s and relators’ attempts to impose sweeping liability for thousands (or tens of thousands) of claims using statistical sampling rather than individualized proof of the falsity of each claim is troubling, particularly in nationwide cases involving corporate defendants with multiple facilities and nuanced circumstances underlying each submitted claim.  But more definitive guidance from the federal courts on this critical issue may be forthcoming.  Indeed, the sampling approach faces a test in Michaels v. Agape Senior Community, Inc., which is currently at the briefing stage in the Fourth Circuit.[43]  With that case, the Fourth Circuit has a chance to become the first appeals court to weigh in on the question of the validity of statistical sampling in the FCA context. 

            C.                Criminal Prosecutions

This past year, DOJ pledged once more to increase criminal enforcement activity in the health care context.  With potential criminal enforcement as a lever, DOJ intends to press companies to cooperate even more extensively than they have in response to past investigations.  Last spring, AAG Caldwell reiterated that the Criminal Division will continue to apply the so-called Filip factors–the principles that have, since 2008, guided DOJ in its decisions to prosecute businesses in other corporate contexts–in the health care context as well.[44]  For companies to receive any mitigating credit for cooperation, AAG Caldwell stressed, they cannot merely respond to government subpoenas; instead, companies must conduct comprehensive internal investigations and disclose "all available evidence of wrongdoing to [DOJ] prosecutors in a timely and complete way."[45]  Such evidence also must include relevant information identifying the individuals who were involved, "no matter how high those individuals might have been on the corporate ladder."[46]  

AAG Caldwell’s remarks set the stage for DOJ’s more formal articulation of its policy with regard to pursuing individuals responsible for corporate misconduct.  On September 9, 2015, Deputy Attorney General Sally Quillian Yates issued a new policy memorandum to all DOJ attorneys entitled "Individual Accountability for Corporate Wrongdoing" (the "Yates Memorandum").  Although the Yates Memorandum acknowledges that federal prosecutors already implement many of its specified measures to pursue culpable individuals, the Yates Memorandum establishes "six key steps" designed to bolster DOJ’s efforts to "fully leverage its resources to identify culpable individuals at all levels in corporate cases."[47] 

Most consequentially, the Yates Memorandum states that DOJ will provide no cooperation credit whatsoever to a company unless it provides DOJ all relevant facts relating to individual misconduct.  This bright-line rule appears draconian, but it remains to be seen how DOJ determines what facts are "relevant" for purposes of this inquiry.  Other guidelines set forth in the Yates Memorandum focus on DOJ’s own standards and practices: investigations should focus on potentially culpable individuals at the outset and irrespective of their financial means; DOJ Civil and Criminal attorneys should coordinate their inquiries; corporate cases should not be resolved without a clear path to resolving any pending individual investigations; and only in exceptional cases should government attorneys accept corporate settlements that immunize individuals from liability.  For more information, please see Gibson Dunn’s detailed client update regarding the Yates Memorandum.[48]

Not surprisingly, DOJ attorneys did not wait for the Yates Memorandum to bring criminal cases against individual executives of large hospital-based providers this past year. 

After last year’s Medicare fraud takedown that ensnared 90 individuals, on June 18, newly-minted Attorney General Loretta E. Lynch announced a takedown of historic proportions: DOJ’s investigation resulted in the arrest of 243 individuals accused of defrauding the government of approximately $712 million in a variety of schemes involving fraudulent billings, violations of the AKS, money laundering, and aggravated identity theft.[49]  The Medicare Fraud Strike Force coordinated the monumental effort, which spanned 17 districts.  It stands–for now–as the largest criminal health care fraud takedown in the DOJ’s history.  Of the 243 individuals charged in the takedown, 46 were doctors, nurses, and other licensed medical providers. 

The past year saw DOJ pursue–and secure–eye-catching punishments, as well.  For example, the former president of a Houston-area hospital was recently sentenced after trial to 45 years’ imprisonment and ordered to pay almost $47 million in restitution for his role in a $158 million Medicare fraud scheme lasting from 2005 to 2012.[50]  His son and another co-conspirator received sentences of 20 and 12 years of imprisonment and were ordered to pay about $7.5 million and $47 million in restitution, respectively.[51]  The government accused the trio, along with seven other co-defendants who pleaded guilty,[52] of providing unnecessary intensive psychiatric treatment to patients who did not require such care, billing for care that was never provided, and paying kickbacks. 

DOJ’s efforts against individuals associated with larger providers did not come at the cost of abandoning criminal actions against smaller outfits.  For example, a husband and wife running a home health care clinic were recently sentenced to five years and one year, respectively, for their roles in a $2.4 million health care fraud scheme.[53]  The court also ordered these defendants to pay approximately $1.5 million in restitution and to forfeit another $1.5 million.[54]   

Given the success and scope of this year’s Medicare takedown, as well as the potential implications of the Yates Memorandum, the coming year may well see even more criminal enforcement activity. 

II.        HHS Enforcement Activity

            A.        HHS OIG Activity

                        1.         2015 Developments and Trends

After a blistering Fiscal Year 2014, during which HHS OIG reported nearly $5 billion in expected recoveries from its investigative and audit programs,[55] Fiscal Year 2015 proved significantly less lucrative.  The agency reported expected recoveries of just $3.35 billion–no small amount, to be sure, but a decrease of 33% over the previous year’s total.[56]  Much of the drop was attributable to a dramatic decrease in recoveries from investigative activities.  The agency collected just $2.2 billion from its investigative work, just over half of the amount it collected in 2014 and the lowest total since Fiscal Year 2008.[57]

But the decrease in dollars should not suggest that Fiscal Year 2015 represented a slowdown in enforcement activity for HHS OIG.  The 925 reported criminal actions were roughly on par with the figures from recent years, while the number of civil actions, including False Claims Act suits, civil monetary penalty ("CMP") settlements, and administrative recoveries saw a sharp uptick from previous years.[58] 

Source:  U.S. Dep’t of Health & Human Servs., Office of Inspector Gen., Semiannual Report to Congress (April-September 2015)

                                    a)         HHS OIG’s New Litigation Team

This past year, HHS OIG demonstrated its commitment to expanding and supporting its enforcement work by announcing in June the creation of a new litigation team focused exclusively on CMP and exclusion cases.[59]  After it is fully staffed, the team will consist of at least ten attorneys–double the resources previously dedicated to affirmative litigation–and will operate under the auspices of the Administrative and Civil Remedies Branch ("ACRB") of HHS OIG.  The new litigation team, which will handle cases that DOJ opts not to pursue, is expected to continue identifying cases warranting exclusions or CMPs by relying on referrals from other HHS OIG departments, by pursuing breaches of CIAs, and by supplementing FCA settlements.[60]  HHS OIG deputy branch chief Robert M. Penezic will lead the team.[61]

                                    b)         Notable Reports and Reviews

Medicare Part D billing has been a primary focus for HHS OIG in 2015.  After noting in its mid-year update to its 2015 Work Plan that it is "seeing a significant increase in Part D Fraud[,]"[62] HHS OIG released a portfolio summarizing the agency’s investigations and guidance related to weaknesses in Part D program integrity.[63]  The portfolio criticized CMS, concluding that CMS’s failure to require Part D plan sponsors to report information on fraud and failure to supervise plan sponsors effectively have contributed to the increase in fraud.[64]  Among the troublesome figures noted by HHS OIG are the following:  $1.2 billion in payments on claims with invalid prescriber identifiers in 2007; $15 million over three years in payments for prescriptions written by excluded providers; and payments on behalf of over 5,000 deceased beneficiaries in 2011.[65]  HHS OIG recommended that CMS require plan sponsors to report fraud and abuse and improve its detection of improper claims for payment.[66]  In connection with the release of the oversight portfolio, and of particular note to pharmacies, HHS OIG also reported that spending on Part D drugs has doubled since 2006, with particular growth in the spending on commonly abused opioids.[67]  Based on an assessment of billing patterns, HHS OIG identified 1,400 pharmacies with unusually high billing patterns in at least one of five key measures.  Those pharmacies alone accounted for $2.3 billion in Part D billing in 2014.[68]

During 2015, HHS OIG continued its work to help implement The Patient Protection and Affordable Care Act ("PPACA"), issuing fourteen separate reviews of health insurance marketplaces, as well as twelve other PPACA reports.[69]  Most dealt with PPACA programs in particular states, though a few looked more broadly at the implementation of PPACA requirements. 

In one notable report, HHS OIG found that health care providers failed to consistently identify, report, and return Medicaid overpayments, as required by PPACA, by reconciling patient records with credit balances.[70]  Approximately half the patient records reviewed by HHS OIG contained overpayments.[71]  HHS OIG recommended that CMS issue Medicaid regulations similar to Medicare regulations that require providers to exercise reasonable diligence in identifying and returning overpayments.[72]  The report likely heralds increased attention from CMS on issues related to reimbursement for Medicaid beneficiaries, so providers should confirm that they have established strong compliance policies for identifying overpayments.

Another HHS OIG report assessed compliance with the PPACA’s requirement that states terminate a provider’s participation in its state Medicaid program if the provider is terminated for reasons of fraud, integrity, or quality from another state’s Medicaid program.[73]  HHS OIG found that 12% of providers terminated for cause in 2011 continued to participate in other states’ Medicaid programs as late as January 2014, costing those programs at least $7.4 million.[74]  Twenty-five states did not require direct enrollment of providers participating in their Medicaid programs through managed care, meaning those providers could not be terminated and could continue operating without the state’s knowledge.[75]  This report could signal a new wave of regulations related to provider enrollment and disclosure of termination information.     

                        2.         Significant HHS OIG Enforcement Activity

In addition to working in partnership with DOJ, HHS OIG has continued to combat fraud and promote compliance with the rules of federal health care programs through the use of its statutory exclusion authority, the assessment of CMPs, the establishment of CIAs, and the issuance of advisory opinions.  As noted above, HHS OIG’s new litigation team will focus on these enforcement actions going forward.     

                                    a)         Exclusions

HHS OIG continued its recent aggressive use of its statutory authority to exclude health care providers from government health programs in 2015.  This penalty–the most lethal in HHS OIG’s arsenal–must be imposed upon any entity or individual engaged in patient-abuse related crime, felony health care fraud, or the use, manufacture, distribution or prescription of controlled substances.[76]  HHS OIG also has discretion to impose exclusion for fraudulent conduct, for submitting claims for medically unnecessary procedures and treatments, or in connection with a license suspension or CIA.[77]

After a record-setting 2014, in which HHS OIG excluded slightly more than 4,000 entities and individuals from government health programs, HHS OIG just exceeded that total in Fiscal Year 2015, excluding 4,112 entities and individuals.[78]  The exclusions include 53 entities, of which 14 are dental practices in Connecticut associated with a former dentist who has been on the exclusion list since 1998.[79]  The clinics received almost $25 million in fraudulent Medicaid payments before the government detected the dentist’s illegal involvement.[80]  The excluded entities also include 9 home health agencies, 6 transportation or ambulance companies, and 5 pharmacies.[81]  Of the individuals placed on the exclusion list during the Fiscal Year, 304 were identified as business owners or executives, a slight drop from last year’s total of 326 owners or executives excluded.[82]  Seventy-two of the excluded executives (almost 25%) operate home health agencies, and an additional 40 executives operate transportation or ambulance companies.[83]

                                    b)         Civil Monetary Penalties

Even without the assistance of a full-time litigation team this past year, HHS OIG used CMPs to great effect in 2015, assessing approximately $39 million in penalties against 54 individuals and entities.  Of those CMPs, 45 (more than 80%) were assessed for false or fraudulent billing.[84] Additional penalties were assessed for patient dumping (violations of the Emergency Medical Treatment and Labor Act ("EMTALA")),[85] violations of AKS and Stark Law physician self-referral prohibitions,[86] and drug price reporting requirements.[87]   

For most of the individuals and entities assessed penalties for false and fraudulent billing, HHS OIG alleged that the entity had employed an individual that the entity knew or should have known was excluded from participation in federal health programs.  This accounted for half of all CMPs assessed this year and 60% of CMPs for false and fraudulent billing.[88]  The trend is an important reminder that providers–particularly larger entities–should take care to adopt systems that ensure they are compliant with federal health program rules that apply to their individual employees.

The largest CMPs assessed against providers in 2015 are summarized below:

• Vantage Oncology, LLC, and Gulf Coast Cancer Center:  Alabama’s Vantage Oncology and related entities agreed to the year’s largest penalty.  The company was assessed a fine of more than $9.5 million for submitting claims for radiation oncology that were performed without the direct supervision and timely review of a radiation oncologist.[89]  Similar allegations resulted in a $2.6 million penalty for Gulf Coast Cancer Center and related entities.[90]  Both settlements were reached in July 2015.  
• W.A. Foote Memorial Hospital d/b/a Allegiance Health:  Michigan-based Allegiance Health agreed to pay over $2.6 million to resolve allegations that the hyperbaric oxygen therapy services for which it submitted claims to federal health programs failed to meet provider-based regulations.[91]  Allegiance self-reported the alleged fraud in connection with its CIA.[92]  Allegiance Health entered into the CIA in June 2013 in connection with an FCA settlement over subjecting patients to medically inappropriate cardiology procedures.[93]
• Seton Family of Hospitals d/b/a Seton Shoal Creek Hospital:  With a nearly $2.5 million settlement, Seton resolved a series of allegations in connection with its partial hospitalization program services.  First, Seton allegedly ran afoul of kickback prohibitions by waiving collection of deductibles and coinsurance payments from Medicare patients, reducing their payment obligations and effectively providing them with remuneration.[94]  In addition, HHS OIG alleged that Seton submitted claims for patients admitted to the partial hospitalization programs without appropriate physician certifications for admission, without physician certification of the ongoing need for such treatment, and without appropriately individualized treatment plans.[95]

                                    c)         Corporate Integrity Agreements

HHS OIG’s use of CIAs to ensure provider compliance with Medicare and Medicaid rules and regulations continues unabated through 2015.  Indeed, 47 CIAs took effect over the course of the calendar year.[96] 

As in past years, CIAs are frequently linked with other enforcement penalties.  For example, San Diego’s Millennium Health entered into a five-year CIA after paying more than $250 million to settle allegations that it violated the FCA and AKS by billing for expensive and medically unnecessary drug tests and providing incentives for physicians to use Millennium.[97]  In another example, Columbus Regional Healthcare System of Georgia agreed to a $25 million settlement regarding allegations that Columbus provided excessive salary and directorship payments to one of its physicians and submitted claims to Medicare and Medicaid for higher levels of care than were actually provided.[98]  The settlement also required Columbus to enter into a five-year CIA.   

Of the forty new CIAs, only one was a "quality-of-care" CIA.  Under such CIAs, a provider typically must retain an independent quality monitor, peer review consultant, or clinical expert to review whether the provider is appropriately addressing patient care problems, using appropriate medical credentialing systems, or making only medically necessary and appropriate admissions and treatment decisions.[99]  CF Watsonville East and CF Watsonville West, which operated two nursing homes in California, entered into a five-year quality-of-care CIA in May 2015 (and simultaneously agreed to a $3.8 million FCA settlement).[100]  The complaint alleged that the nursing homes persistently overmedicated residents, leading to infections, injuries, and even premature deaths.[101]

                                    d)         Advisory Opinions

This past year, HHS OIG issued 15 advisory opinions–4 more than last year–assessing the legality of certain arrangements, at the request of federal health program participants, in the hopes of promoting good-faith compliance efforts.[102]  As in prior years, the AKS took center stage in many of the advisory opinions.

Several HHS OIG advisory opinions from this past year focused on "preferred hospital" networks’ Medicare Supplemental Health Insurance policies–and the AKS implications of those policies.  Four of 2015’s 14 advisory opinions addressed arrangements under which a Medigap insurer contracts with preferred hospitals for discounts on Medicare Part A deductibles and passes on a $100 credit off a renewal premium to policyholders who use the preferred hospitals.[103]  In each opinion, HHS OIG found that the arrangement would not fall within the AKS safe harbors that cover waivers of beneficiary coinsurance and reduced premium amounts offered by health plans.  HHS OIG nevertheless concluded that the exchanges represented a "low risk of fraud or abuse," such that HHS OIG would not seek penalties under the AKS or the CMP law prohibiting inducements to beneficiaries.[104]

In July, HHS OIG issued an advisory opinion regarding a hospital system’s proposal to lease non-clinical employees and provide operations and management services to a related psychiatric hospital for an amount equal to the hospital system’s "fully loaded costs" (i.e., salary plus benefits and overhead expense).[105]  The parties were potential referral sources for each other.[106]  Under a prior arrangement between the parties, with otherwise identical terms, the hospital also paid the system administrative fees.[107]  Under the new proposal, the administrative fees, which the parties asserted were unallowable costs under applicable Medicare cost-reporting rules and not reimbursable, would be eliminated.[108]

HHS OIG concluded that the new proposal would implicate the AKS because the system would charge the hospital a rate below the fair market value for the leased employees and services, which may be considered remuneration in exchange for the hospital’s referrals.[109]  Given the totality of the circumstances, however, HHS OIG determined that the arrangement posed "a low risk of fraud and abuse"[110] for the following reasons: (1) the parties structured the new proposal "in a manner they believe[d] was supported by applicable Medicare cost reporting rules"; (2) the new proposal would achieve cost efficiencies and a reduction in the hospital’s labor and operational costs, which might indirectly benefit federal health care programs; and (3) there was no evidence suggesting that the new proposal was designed to, or actually would, induce referrals.[111]

In August, HHS OIG issued an advisory opinion regarding a home health care provider’s policy to offer free introductory visits to patients who had previously selected the company as their home health provider.[112]  The company certified that physicians or other health care professionals provided patients requiring home health services with a list of home health providers, and patients independently made their selection.[113]  The company had no involvement in the patient’s selection process, and it did not offer or pay any remuneration to health care professionals that serve as referral sources.[114]  After patients chose the company as their provider, a company employee offered a free introductory visit during which the company provided an overview of the home health experience and shared pictures and contact information for relevant company employees.[115]  The company did not provide any federally reimbursable services during this visit.[116] 

Relying on these facts, HHS OIG determined that, despite their "intrinsic value to patients," the company’s free visits "do not provide any actual or expected economic benefit to patients, and therefore do not constitute remuneration" under the AKS.[117]  As a result, HHS OIG would "not impose administrative sanctions" on the company.[118]  

In October, HHS OIG issued an advisory opinion regarding an integrated health system’s plan to offer free van shuttle services between certain medical facilities run by the system.[119]  The system certified that the medical facilities served by the free services were not accessible by public transportation.[120]  A large majority of the physicians working at the relevant facilities were employees of the system.[121]  HHS OIG decided that the proposed transportation services "could potentially generate prohibited remuneration,"[122] but because the services "present[ed] a minimal risk of fraud and abuse under the [AKS],"[123] the HHS OIG would not impose administrative sanctions. 

In reaching its conclusion, HHS OIG relied on the following facts: the system would (1) not tie the shuttle service to the volume or value of business from patients; (2) not offer air, luxury, or ambulance-level transportation; (3) not pay shuttle drivers on a per-patient basis; (4) offer the transportation service only locally; (5) not market or advertise the services to the general public; and (6) bear the costs of the services.[124]

The only proposed arrangement that HHS OIG found problematic in a 2015 advisory opinion was a laboratory company’s plan to offer free services to groups of patients in an apparent effort to secure exclusive arrangements with certain doctors’ offices.[125]  According to the laboratory company, doctors’ offices face an administrative headache when dealing with multiple laboratories because of differing "reference ranges" for laboratory results and divergent system interfaces.[126]  But doctors’ offices usually cannot move all of their referrals to a single laboratory company because patients’ insurance plans only pay for services at selected laboratory companies.  To eliminate this barrier to exclusive deals with physicians’ practices, the laboratory company that sought guidance planned to offer free testing for any patient whose insurance did not cover its services, while continuing to bill for all other patients, including Medicare and Medicaid patients.[127]  The company certified that it would not offer the doctors anything in exchange for their referrals, other than the ease of dealing with a single laboratory.[128]  HHS OIG’s opinion concluded, however, that the arrangement nonetheless "could potentially generate prohibited remuneration under the anti-kickback statute" and suggested that HHS OIG would impose administrative sanctions if the company implemented the plan.[129]

HHS OIG took issue with the arrangement for two principal reasons.  First, HHS OIG determined that the free laboratory services would constitute illegal remuneration because, "by declining to charge certain patients, the [company] would offer physician practices a means to work solely with the [company], reducing administrative and possibly financial burdens associated with using multiple laboratories."[130]  This remuneration, in HHS OIG’s view, raised the risk that physicians would "inappropriate[ly] steer[] . . . patients, including Federal health care program beneficiaries."[131]  Second, HHS OIG reasoned that the arrangement might create preferential pricing for privately insured patients in violation of federal law prohibiting a supplier from charging federal health care programs higher rates.  Because federal health care programs cover laboratory services provided by the laboratory company, the proposed free testing would only have benefited privately insured individuals.[132]  Therefore, HHS OIG viewed the plan as an effort to "relieve patients and their [insurers] of any obligation to pay in order to pull through all of the Federal health care program business, which would be charged at the full rate."[133]

                        3.         Priorities for 2016

HHS OIG released its Fiscal Year 2016 Work Plan in October, announcing several new reviews of interest to health care providers.

In one review, HHS OIG will evaluate CMS’s use and validation of quality reporting data provided by hospitals.[134]  The accuracy and completeness of such data is important, as HHS OIG noted, because it is used as part of the hospital value-based purchasing program and the hospital acquired condition reduction program.[135]  The report is expected to be released in 2016.[136]

Another review will focus on payments received by hospitals for replacement of implanted medical devices.[137]  Federal regulations provide for reduced payments for the replacement of these devices, but HHS OIG noted that prior reviews suggest that improper payments may have been made for replaced devices.[138]

In a move that may signal increased interest in potential violations of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), HHS OIG also will review the adequacy of efforts undertaken by the Office for Civil Rights ("OCR") to ensure that providers protect electronic protected health information.[139]  In particular, HHS OIG expressed concern that OCR has not appropriately implemented a procedure for conducting periodic audits under the Health Information Technology for Economic and Clinical Health Act ("HITECH").[140]  These audits will assess whether health care providers have taken sufficient measures to protect the privacy of electronic health information. 

            B.        CMS

During the past twelve months, CMS pursued several quality-of-care initiatives and addressed a massive backlog of payment challenges–discussed in Part VI.D. below.  In addition, CMS also promoted enforcement initiatives through, among other measures, its data transparency programs and geographic moratoria.  We address notable CMS priorities from the past year below.

                        1.         Transparency and Data Accessibility

After last year’s launch of the "Open Payments" database, CMS devoted significant energy in 2015 to efforts to improve transparency and access to data related to the use of Medicare and Medicaid services.  CMS released its second round of Open Payments data on June 30, 2015.[141]  The searchable data set includes more than eleven million records of payments made in 2014 to physicians and teaching hospitals by drug and device manufacturers, accounting for more than $6 billion in payments.[142]  These figures represent a significant increase from the 2013 data, released last year, which published four million records, accounting for just $3 billion in payments.[143] 

In April, CMS released for the first time data on the prescription drugs prescribed by physicians and other health care providers.[144]  The data includes information from more than one million providers and reflects more than $100 billion in prescription drugs and supplies under Medicare Part D.[145]  The data identifies four drugs that accounted for more than $2 billion each:  Nexium®, Advair Diskus®, Crestor®, and Abilify®.[146]  Notably, the data also provides insight into the average total costs and costs per claim of different medical specialties.[147]  Coupled with HHS OIG’s reports on Part D fraud, CMS’s data release confirms that Medicare Part D billing is a central focus of government regulators in 2015.

In June, CMS continued its data release with its third update to the Medicare hospital inpatient and outpatient charge data.[148]  The release, which provides data from 2013, compares average charges for hospital services in connection with inpatient stays.[149]  The data also provides average Medicare payment information for the same services.[150]  The data reflects a steady increase in average hospital charges for the most common diagnoses.[151]

In October, CMS added to the data available in its provider utilization and payment files, releasing information on physicians and other health care professionals who supplied durable medical equipment, including wheelchairs, walkers, and diabetes supplies, to Medicare beneficiaries.[152]  The data also includes prosthetics and orthotic devices, as well as certain drugs and nutritional products.[153]  The data set represents $11 billion in Medicare payments distributed over 100 million claims by nearly 400,000 providers.[154]

Most recently, CMS expanded the data available on Physician Compare and Hospital Compare, tools created under PPACA to allow consumers to evaluate health care providers based on more than 100 quality measures.[155]  In addition to releasing data from 2014 on existing quality measures, CMS added data on hospitals’ use of safe surgery practices and supplemented the available data regarding health care-associated infections with information regarding infections suffered by patients in medical and surgical wards.[156]    

CMS has not only made additional data available to the public, but also increased access to detailed CMS data for the purposes of conducting in-depth research.  CMS announced in June that innovators and entrepreneurs would be given access to the CMS Virtual Research Data Center, a secure CMS database on which they can review and analyze privacy-protected data files.[157]  Data may be requested on a quarterly basis.[158]  CMS hopes that allowing access to this data for approved research will lead to the development of better care management and predictive modeling tools.[159]              

                        2.         Moratoria and Other Enforcement Priorities

As discussed above, nursing homes, SNFs, assisted living facilities, hospices, and home health providers have come under DOJ’s microscope in recent years and CMS continues to lend support to DOJ in this regard. 

In a January 2015 report, HHS OIG observed that CMS intends to focus its oversight and enforcement efforts on hospices and assisted living facilities.[160]  For example, CMS will develop anti-fraud measures to crack down on hospices that are paid for providing routine care, even though their caregivers rarely visit beneficiaries.[161]

CMS also has continued to impose moratoria on certain geographic areas, as authorized by PPACA.[162]  Under that authority, CMS may designate–based on consultations with DOJ and HHS OIG–a region as a "hot spot" for fraud and block any new provider enrollments within the region.  CMS must then review the moratoria every six months. 

To date, CMS has imposed moratoria in two waves:  in 2013, it blocked home health program enrollments in Chicago and Miami and ground ambulance services in Houston;[163] and in 2014, it added Fort Lauderdale, Detroit, Dallas, and Houston to the home health moratorium and added Philadelphia to the ground ambulance services moratorium.[164]  In February 2015, July 2015, and again in February 2016, CMS announced that it was extending all moratoria for another six months because "[t]he circumstances warranting the imposition of the moratoria have not yet abated" and "a significant potential for fraud, waste, and abuse continues to exist in these geographic areas."[165]

            C.        OCR and HIPAA Enforcement

According to an October 2015 report, OCR has reviewed and resolved more than 115,000 HIPAA complaints since compliance rules came into effect in 2003.[166]  More than 23,000 of those cases have required changes to a covered entity’s policies or other corrective action measures.  Although OCR has fielded an immense number of complaints, the agency’s enforcement efforts have yielded just twenty-six monetary settlements since 2003, totaling less than $23 million.[167]  Moreover, despite the sheer magnitude of its effort, OCR still has approximately 6,500 open complaints.[168]  And the increase in cyberattacks–like the one that compromised Anthem Health Insurance’s data early this past year[169]–and nationwide focus on data security suggests that OCR will continue to see a growth in interest in privacy protection for confidential patient information.  As noted above, HHS OIG’s Fiscal Year 2016 Work Plan includes a review of OCR’s efforts to ensure that providers safeguard electronic protected health information.

                        1.         2015 Developments and Trends

Last summer, Jerome Meites, an OCR Chief Regional Counsel, warned that OCR would target "high impact cases," and recent penalties–including more than $10 million in HIPAA fines–would "be low in comparison to what’s coming up."[170]  As of Halloween, this warning had not yet been fulfilled; OCR had announced just three settlements, collectively amounting to barely more than $1 million.[171]  But OCR announced three additional settlements in November and December, and those resolutions accounted for 85% of the year’s collections. 

In the meantime, the states originated several measures to protect the privacy of health information this year.  A New Jersey law passed in January 2015 requires health insurance carriers to encrypt any information containing an individual’s name and Social Security number, driver’s license number, address, or identifiable health information.[172]  Desktops, laptops, mobile devices, and computerized records must be "unreadable, undecipherable, or otherwise unusable by an unauthorized person."[173]  In May, Connecticut’s Senate passed a similar bill.[174]  This proposed legislation defines encryption as "the transformation of electronic data into a form in which meaning cannot be assigned without the use of a confidential process or key."  Federal HIPAA regulations do not currently mandate encryption, although it is recommended where reasonable and appropriate.[175]

On the federal level, in an effort to promote compliance, OCR launched a portal to provide developers of health-related technology and mobile applications with guidance on the application of HIPAA rules to their products.[176]  Users can submit questions, responses, and comments anonymously–and OCR will not use those postings against any individual or entity in an enforcement action.[177]  Although OCR does not intend to respond to individual questions, the office posts resources and will consider the questions and comments in its efforts to develop formal guidance.[178]  In the three months since the portal was created, users have posted fifteen questions and eighteen comments, addressing topics such as audit requirements and business associate relationships.[179]   

                        2.         HIPAA Enforcement Actions

OCR reached settlements totaling more than $6 million in 2015.  More than half of that total resulted from OCR’s $3.5 million settlement with Triple-S Management Corporation.[180]  OCR received multiple breach notifications from the company before launching an investigation.  During the investigation, OCR found that Triple-S failed to implement adequate safeguards for protected health information, including electronic information, disclosed health information to an outside vendor despite lacking the required business associate agreement, and used more health information than necessary to carry out mailings.  In addition to the monetary penalty, Triple-S must develop an appropriate risk management plan, launch a data privacy training program, and develop policies and procedures that will facilitate HIPAA compliance.[181] 

The University of Washington Medicine ("UWM") fell victim to a classic cybersecurity lapse when an employee downloaded an email attachment that contained malware, compromising UWM’s information technology system and exposing the personal health information of approximately 90,000 patients.[182]  During its investigation, OCR learned that UWM failed to adequately monitor the risk assessment practices of its affiliated entities.  In December, UWM agreed to settle the charges for $750,000, adopt a corrective action plan, and submit annual reports on its compliance efforts.[183]

In July, St. Elizabeth’s Medical Center reached a settlement for nearly $220,000 in connection with the use of an internet-based document sharing application.[184]  St. Elizabeth’s employees used the application to store documents containing personal health information for nearly 500 individuals, even though it had not analyzed the risks of such document storage.  St. Elizabeth’s compounded its troubles by failing to respond and document the incident in a timely manner.  St. Elizabeth’s notified OCR of a second breach less than two years later, after personal health information was left unsecured on an employee’s laptop and flash drive.[185] 

Together, the Triple-S, UWM, and St. Elizabeth’s settlements offer an important lesson to providers on the necessity of maintaining a robust HIPAA compliance program and conducting thorough risk analyses before sharing documents with affiliates and outside parties or through new media.

Physical security of personal health information has been a key aspect of several of OCR’s HIPAA settlements this year.  Cancer Care Group, P.C. agreed to a $750,000 settlement in connection with the theft of a laptop bag from an employee’s car.[186]  The theft compromised the personal health information of approximately 55,000 patients because the bag contained both the employee’s computer and unencrypted backup media.  Notably, Cancer Care did not have a policy addressing the removal of media containing electronic personal health information from its facilities.  OCR Director Jocelyn Samuels emphasized the importance of developing comprehensive policies and ensuring encryption of mobile devices and electronic media in announcing the settlement.[187] 

The case of Lahey Hospital and Medical Center illustrates the importance of reviewing personal health information protections in place at all workstations.  A laptop used in connection with a portable CT scanner was stolen overnight from an unlocked treatment room at the teaching hospital.  That laptop’s hard drive contained the personal health information of nearly 600 individuals.[188]  In addition to failing to safeguard the laptop, the hospital neither required entry of a unique user name to use the laptop nor adequately recorded activity on the laptop.  Lahey agreed to pay $850,000 and develop a comprehensive risk management plan to resolve the alleged HIPAA violations.   

OCR’s no-tolerance approach for HIPAA violations applies regardless of the size of the entity that violated patient privacy regulations.  This past year, OCR hit Denver’s Cornell Prescription Pharmacy, a small, single-location pharmacy that provides in-store and prescription services, particularly for hospice care agencies, with a $125,000 fine (and a required corrective action plan) in response to HIPAA violations.[189]  Cornell came to OCR’s attention after a Denver NBC news affiliate found unshredded documents in a dumpster that contained private information on approximately 1,500 patients.[190]  OCR’s investigation also revealed that Cornell failed to conduct training on HIPAA or establish written privacy policies.[191]

                        3.         2016 Priorities

Although it conducted pilot audits regarding HIPAA compliance in 2011 and 2012, OCR has yet to launch Phase 2 of its audit program.  But OCR Director Samuels announced that audits will begin anew in early 2016.[192]  Director Samuels committed to that timeframe in a letter response to an HHS OIG report finding that OCR’s failure to implement a permanent audit program contributed to noncompliance with privacy standards by at least 27% of surveyed providers, and recommending rapid implementation of a full audit program.[193]  Phase 2 will include both desk-reviews and on-site reviews of HIPAA compliance and will target particular (though as yet unspecified) areas of noncompliance.[194]       

III.       Anti-Kickback Statute Developments

The AKS prohibits companies and individuals from offering, paying, soliciting, or receiving "remuneration" to induce or reward referrals of business that will be paid for by federal health care programs, such as Medicare and Medicaid.[195]  Because the government has interpreted "remuneration" expansively to include "the transferring of anything of value in any form or manner whatsoever,"[196] the AKS potentially criminalizes a broad spectrum of business activity. The stakes for compliance are particularly high, as any violation of the AKS not only may result in criminal and civil penalties for violating the AKS statute, but also the imposition of steep civil penalties and treble damages under the FCA.[197]  As government agencies (and FCA whistleblowers) forge ahead with AKS-related enforcement actions, health care providers must remain attentive to the shifting regulatory landscape, and must consider available guidance when designing their compliance programs.

            A.        AKS-Related Case Law Developments

During 2015, the federal courts handed down several notable decisions interpreting the AKS.  These cases demonstrate the courts’ evolving understanding of AKS’s scienter standard, as well as what constitutes remuneration, referrals, and inducement under the law.

                        1.      Willfulness

In April, the Third Circuit addressed the scope of the AKS’s willfulness requirement in an unpublished decision, United States v. Goldman.  There, the defendant, a geriatrician, was convicted at trial of receiving payments in exchange for referring Medicare patients to a hospice center, for which he served as medical director.[198]  On appeal, the defendant argued that the jury should have been instructed that to find that he acted willfully, the jury had to find that the defendant knew of the specific provision of the statute under which he was charged and that he intended to violate it.[199]  The Third Circuit disagreed, holding that because the AKS does not qualify as a "highly technical statute[] that present[s] the danger of ensnaring individuals engaged in apparently innocent conduct," the district court did not err in instructing the jury that "willfulness" merely requires that the defendant knew his conduct was unlawful and intended to do something that the law forbids.[200]  The brazen nature of the defendant’s conduct may well have driven the Third Circuit’s decision; the court observed that "accepting cash and checks in exchange for referrals cannot be considered ‘apparently innocent.’"[201]  Notably, the conduct at issue in the case pre-dated the PPACA amendment to the AKS, which provides: "With respect to violations of this section, a person need not have actual knowledge of this section or specific intent to commit a violation of this section."[202]  The court did not address this amended statutory language, which essentially codified the holding in Goldman.

                        2.      Remuneration

In April, the Southern District of New York held in United States v. Narco Freedom, Inc., that "remuneration" under the AKS can include the provision of low-income housing.[203]  There, the court rejected the defendant’s argument that reduced-price housing does not qualify as "remuneration" because it "promotes access to care and poses a low risk of harm to patients and Federal health care programs" and thus qualifies for an exemption under an HHS OIG notice of a proposed rule change interpreting 42 U.S.C. § 1320a–7a(i)(6)(F).[204]  The court concluded that the exemption in question applies only to the civil monetary penalties provisions codified at 42 U.S.C. § 1320a–7a, whereas the government brought the action at issue under the criminal AKS (42 U.S.C. § 1320a–7b).[205]  According to the court, the defendant violated the AKS by providing below-market housing only to those who attended the defendant’s Medicaid-subsidized drug treatment programs, and that low-income housing counted as "remuneration" because it constituted an "in-kind benefit provided at below market value to Medicaid beneficiaries."[206]  Moving forward, we will monitor how the courts square differing interpretations of the criminal AKS and closely related provisions of the civil monetary penalties law with the principle that a "single statute with civil and criminal applications receives a single interpretation."[207]

                        3.      Referral

In United States v. Patel, decided February 2015, the Seventh Circuit adopted an expansive definition of the term "referring" under the AKS, holding that the term includes instances in which physicians certify patients for home health care services by signing Medicare forms.[208]  After a bench trial, the district court found the defendant, a physician, guilty of violating the AKS by accepting cash payments in exchange for referring patients to home health care services.[209]

On appeal, the defendant argued that Congress intended the term "refer" under the AKS to pertain to those who "personally recommend to a patient that he seek care from a particular entity."[210] According to the defendant, that definition squared with the typical use of the term in the medical context.[211]  Absent some proof that he specifically directed his patients to choose a particular health care provider, the defendant argued, he could not have violated the AKS.[212]  But the Seventh Circuit sided with the government, reasoning that the AKS should be interpreted in light of the statute’s main purpose, which is to prevent improper financial considerations from influencing medical judgment.[213]  The court thus held that "referrals" under the statute include not only doctors’ express recommendations, but also their signatures on forms certifying plans of treatment prepared by home health companies.[214]

This decision could have potentially far-reaching repercussions for physicians, as they now may be liable under the AKS even if they do not refer a patient to a specific provider.[215]  At a minimum, the decision indicates that physicians are now susceptible to a broader scope of liability under the AKS.

                        4.      Inducement

In Jones-McNamara v. Holzer Health Systems, decided in November, the Sixth Circuit adopted HHS OIG’s broad definition of the term "induce" under the AKS, holding that the term means "to lead or move by influence or persuasion."[216]  The court rejected the plaintiff’s argument that she was terminated from her position as the vice president of corporate compliance in retaliation for her investigation of potential AKS violations at her company, a health care delivery system comprised of several hospitals and care facilities.[217]  The court held that her investigatory activities were not protected because her belief that an AKS violation occurred was unreasonable.[218]  Focusing on AKS’s inducement requirement, the court found that a patient transport company’s "’token’ gestures of good will," like a $23.50 jacket gifted to one company employee and free hotdogs and hamburgers at an annual employee event could not "plausibly . . . induce a reasonable person to prefer one provider over another."[219] 

            B.        HHS OIG Fraud Alert on Physician Compensation Arrangements

AKS enforcement remains a high priority of HHS OIG, which has continued to issue topical alerts that provide potential guidance for AKS compliance. 

In June 2015, HHS OIG issued a fraud alert relating to physician compensation arrangements, urging physicians to ensure that any compensation arrangements, such as medical directorships, "reflect fair market value for bona fide services the physicians actually provide."[220]  HHS OIG also emphasized that compensation arrangements may violate the AKS "if even one purpose of the arrangement is to compensate a physician for his or her past or future referrals of Federal health care program business."[221]

As evidence of its commitment to pursuing physicians who enter into certain compensation arrangements, HHS OIG cited settlements with 12 individual physicians "who entered into questionable medical directorship and office staff arrangements."[222]  According to HHS OIG, these arrangements constituted improper remuneration because they "took into account the physicians’ volume or value of referrals and did not reflect fair market value for the services to be performed, and because the physicians did not actually provide the services called for under the agreements."[223]  HHS OIG alleged that some of the physicians entered into arrangements under which an affiliated health care entity paid the salaries of the physicians’ front office staff–arrangements that HHS OIG viewed as improper remuneration because they "relieved the physicians of a financial burden they otherwise would have incurred."[224]

Although the message is straightforward, the discussion of physician compensation arrangements conveys the potential breadth of impermissible remuneration under HHS OIG’s reading of the AKS. 

            C.        HHS OIG Policy Statement on Discounted or Free Outpatient Drugs   

In October 2015, HHS OIG issued a policy statement "assur[ing] hospitals that they will not be subject to . . .  administrative sanctions for discounting or waiving amounts" owed by Medicare beneficiaries for self-administered drugs dispensed in outpatient settings.[225]  The policy explained that "Medicare Part B generally covers care that Medicare beneficiaries receive in hospital outpatient settings such as emergency departments and observation units;"[226] however, Medicare Part B does not usually cover self-administered drugs.  While Medicare Part D may cover these drugs, "most hospital pharmacies do not participate in Medicare Part D."[227]  Therefore, Medicare beneficiaries often bear the burden of these costs, which are generally "much higher than [the beneficiaries] would have paid at retail pharmacies–even if those drugs are covered under their Medicare Part D plans."[228] 

Hospitals that choose to provide these self-administered drugs at a discount or for free to Medicare beneficiaries will not be subject to AKS liability if they (1) uniformly apply their policies regarding discounts and waivers for non-covered self-administered drugs; (2) do not advertise or market the discounts or waivers; and (3) do not claim the discounted or waived amounts as bad debt or otherwise shift the burden of these costs to federal programs, other payers, or individuals.[229]

            D.        HHS OIG "Policy Reminder" on Information Blocking and the AKS

HHS OIG released a "Policy Reminder" ("Reminder") in October 2015 on how "information blocking may affect safe harbor protection under the [AKS]."[230]  The Reminder addresses situations in which "a provider, such as a hospital, may seek to furnish software or information technology to an existing or potential referral source, such as a physician practice."[231] 

This kind of an arrangement may implicate the AKS because the software or information technology may be considered "remuneration" intended to induce referrals.[232]  HHS has sheltered certain similar arrangements from AKS liability.  Indeed, under the Electronic Health Records (EHR) safe harbor, "’remuneration’ does not include nonmonetary remuneration (consisting of items and services in the form of software or information technology and training services) necessary and used predominantly to create, maintain, transmit, or receive electronic health records," so long as all of the safe harbor’s conditions are satisfied.[233]

HHS OIG’s October 2015 Reminder focused on the safe harbor condition that pertains to information blocking.  Under the safe harbor, the "donor (or any person on the donor’s behalf) [may] not take any action to limit or restrict the use, compatibility, or interoperability of the items or services with other electronic prescribing or electronic health records systems (including, but not limited to, health information technology applications, products, or services)."[234]  The Reminder restated HHS OIG’s stance that "donations of items or services that have limited or restricted interoperability due to action taken by the donor or by any person on the donor’s behalf" would not meet this condition and "would be suspect under the law."[235]  Prohibited arrangements include those in which (1) "a donor takes an action to limit the use, communication, or interoperability of donated items or services by entering into an agreement with a recipient to preclude or inhibit any competitor from interfacing with the donated system;" and (2) "EHR [electronic health record] technology vendors agree with donors to charge high interface fees to non-recipient providers or suppliers or to competitors."[236]  The Reminder also encourages the public to report instances of potentially problematic donation arrangements.[237]

            E.        HHS OIG Proposed Rule Relating to AKS Safe Harbors

As reported in our 2014 Year-End Update, HHS OIG published a proposed rule on October 3, 2014 that would create additional safe harbors to the AKS.[238]  In an increasingly complex regulatory landscape, safe harbors offer invaluable guidance for health care providers seeking to create effective payment arrangements and service delivery methods.  We noted in our 2014 Year-End Update the potential impact on and legitimization of a range of provider practices through the expansion of certain safe harbors, exclusion of those practices from the definition of "remuneration," or formal recognition of beneficial gainsharing.  As of the date of this update, HHS OIG is still working to finalize the proposed rule, with no reported timeline for the final release.

In the meantime, as required by law,[239]  HHS OIG put out its annual call for ideas about new safe harbors, seeking to tap the knowledge and real-world experience of industry participants.[240]  Although diverse in their topics, the comments share one abiding concern: the AKS’s potential for stifling innovative service delivery methods and payment arrangements in a rapidly changing health care industry.[241]

            F.         HHS OIG Report on Compliance Oversight

In April 2015, HHS OIG, in collaboration with the Association of Healthcare Internal Auditors, the American Health Lawyers Association, and the Health Care Compliance Association, released a report titled "Practical Guidance for Health Care Governing Boards on Compliance Oversight."[242]   After emphasizing that boards must "be fully engaged in their oversight" of their "organization’s compliance program," the report sets forth a series of "practical tips" for boards to "effectuate their oversight role."[243]  For example, the report recommends that governing boards include, or periodically consult with, a regulatory, compliance, or legal professional with health care compliance expertise because doing so "sends a strong message about the organization’s commitment to compliance, provides a valuable resource to other Board members, and helps the Board better fulfill its oversight obligations."[244]  The report also encourages regular reviews of high-risk areas, such as referral relationships, billing, privacy breaches, and quality of care.[245]  In addition, the report notes that the board should ensure that it receives certain types of "compliance-related information from various members of management."[246]  In addition, the report recommends self-disclosing identified issues through HHS OIG’s Self-Disclosure Protocol, on the basis that doing so may expedite resolution of the case, "lower [damages] payment[s]," and facilitate an "exclusion release" without a CIA or other compliance obligations.[247]   Although the report acknowledges that the size and structure of organizations’ compliance functions may vary, the report underscores HHS OIG’s position that an organization’s compliance department and legal department should be separate and independent.[248]

            G.        Notable Settlements

In 2015, the DOJ entered into several multi-million dollar AKS-related settlements with health care providers.

In October 2015, the DOJ announced a $9.25 million settlement with PharMerica Corporation ("PharMerica"), the nation’s second largest provider of pharmaceutical services to nursing homes, to settle allegations that the company solicited and received kickbacks from pharmaceutical manufacturer Abbott Laboratories ("Abbott") in exchange for recommending that physicians prescribe Abbott’s anti-epileptic drug Depakote to nursing home patients.[249]  According to the government, the alleged kickbacks from Abbott were disguised as rebates, educational grants, and other financial support.[250]  This settlement is notable because the DOJ entered into a $1.5 billion settlement with Abbott in May 2012 for, amongst other conduct, allegedly providing kickbacks to nursing home pharmacies, including PharMerica.[251] 

Also in October 2015, Millennium Health ("Millennium"), one of the largest urine drug testing laboratories in the United States, agreed to pay $256 million to resolve allegations of FCA and AKS violations, including allegations that the company provided free items to physicians who agreed to refer expensive laboratory testing business to the company.[252]  The company allegedly offered free point-of-care urine drug test cups to physicians in exchange for the physicians’ agreement to return the urine specimens to Millennium for hundreds of dollars’ worth of additional testing.[253]  As part of the settlement, Millennium entered into a five-year CIA with HHS OIG, which requires the company to make significant changes to its board of directors, among other prospective obligations.[254]

IV.       Stark Law Developments

Beyond the DOJ resolutions of cases discussed in Part I above, 2015 saw several significant developments regarding the federal self-referral law (i.e., the Stark Law).  Earlier this past year, we saw proposed legislation aimed at simplifying the law’s penalties and clarifying its scope.  More recently, CMS published changes in the Stark Law regulations, creating two new exceptions and clarifying multiple provisions.  In addition, two federal circuit courts issued decisions that may affect future Stark Law enforcement actions.

            A.        Proposed Legislation

                        1.                  Stark Administration Simplification Act of 2015, H.R. 776

Proposed by Representative Charles Boustany, Jr. (R-LA) on February 5, 2015, this bill seeks to create alternative penalties for technical noncompliance with the Stark Law under the Medicare program.  Under the current articulation of the law, violations can trigger penalties, including denial of Medicare payments for affected services, required repayments, civil monetary penalties of up to $15,000 for each service in violation of the law, and exclusion from participation in federal health care programs.[255]  The bill would impose a single civil monetary penalty of $10,000 for technical violations that are self-disclosed (and just $5,000 for violations self-disclosed within one year of the date of noncompliance).[256]  The bill defines "technical noncompliance" as conduct that violates the Stark Law solely for one of three reasons:  (1) the underlying referral agreement was not in writing; (2) the underlying referral agreement was not signed by a party to the agreement; or (3) the term of the underlying referral agreement expired and services continued without an amendment of the original agreement.[257]  The bill was referred to the House Committee on Energy and Commerce, the House Ways and Means Committee, and the House Subcommittee on Health in February.  The Committees have not since taken any action on the bill. 

                        2.                  Medicaid Physician Self-Referral Act of 2015, H.R. 1083

Also in February, Representative Jim McDermott (D-WA) introduced a bill seeking to resolve any ambiguity over whether the provisions of the Stark Law aimed at curbing self-referrals in connection with Medicare apply with equal force to Medicaid.[258]  A similar bill was introduced in 2014, but never advanced out of committee.[259]  In proposing the new bill, Representative McDermott said, "Congress has long intended the requirements of the Self-Referral Law to apply with force to Medicaid, and this bill makes it unambiguously clear that this is the case."[260]  The proposal also would amend the Stark Law to state explicitly that claims submitted to Medicare or Medicaid in violation of the Stark Law constitute false or fraudulent claims for purposes of the FCA–a provision similar to the one added to the AKS by PPACA–which could increase the exposure to liability for providers who run afoul of the Stark Law.  Like the Stark Administration Simplification Act, the Medicaid Physician Self-Referral Act has been referred to the House Committees on Energy and Commerce and Ways and Means, as well as the House Subcommittee on Health, but has not advanced any further.[261] 

            B.                 Regulatory Developments

                        1.                  CMS Final Rule: Revisions for Clarity

Despite the uncertain posture of the proposed legislative developments discussed above, CMS implemented significant changes to regulations under the Stark Law.  On July 8, CMS issued proposed Stark Law changes as part of its proposed 2016 Medicare Physician Fee Schedule.[262]  On October 30, after reviewing public comments, CMS finalized its revisions and, on November 16, published them in the Federal Register.[263]  The revisions that are substantive in nature took effect on January 1, 2016.[264]

With the revisions, CMS sought to "accommodate health care delivery and payment systems reform, to reduce burden, and to facilitate compliance."[265]  After reviewing stakeholder inquiries, self-disclosure forms, and the relevant literature, CMS decided that clarifying certain provisions would be helpful.  For example, CMS clarified its exemption of certain arrangements for office space or equipment rental that last for a year or longer.  The revisions make clear that an "arrangement" under the Stark Law does not necessarily mean a single, formal contract.  Instead, there can be a collection of documents that prove the arrangement.[266]  Similarly, the arrangement has to exist for at least one year, but there does not have to be an explicit "term" of one year.[267]

CMS also clarified that a financial relationship does not exist when a physician provides services to hospital patients in the hospital if both the physician and hospital bill independently for their services (also known as a "split bill" arrangement).[268]  This addresses a point of uncertainty raised in United States ex. rel. Kosenske v. Carlisle HMA.[269]

In another revision, CMS clarified that a physician that "stand[s] in the shoes" of an organization will satisfy the signature requirement of certain exceptions when that organization’s authorized signatory signs the agreement.[270]  A physician "stand[s] in the shoes" of an organization when he or she has an ownership or investment interest in the organization (or voluntarily assumes the "stand in the shoes" designation).[271]

                        2.                  CMS Final Rule: New Exceptions

The finalized agency rule also carves out two new exceptions to the prohibition against physician self-referrals.  The first exception allows physicians to be compensated for recruiting non-physician practitioners to work at a hospital, Federally Qualified Health Center, or Rural Health Clinic.[272]  The non-physician practitioners must spend at least 75% of their time providing primary care services or mental health care services.[273]  The list of practitioners covered by the exception includes:  (1) physician assistants; (2) nurse practitioners; (3) clinical nurse specialists; (4) certified nurse midwives; (5) clinical social workers; and (6) clinical psychologists.[274]  CMS further specified that the physician can only be compensated up to 50% of the actual aggregate compensation paid to the NPP.[275]

The second new exception allows a physician to enter into a "timeshare" arrangement with a hospital or physician organization, where the physician pays for the exclusive use of office space on a periodic basis.[276]  This arrangement is particularly common in rural areas that cannot sustain a full-time specialty practice.  CMS warned that the arrangement only applies to licenses (as opposed to leases where a property interest is transferred).[277]  Further, the compensation cannot be structured on a "per-use" or "per-patient" basis.[278]  Instead, an hourly or half-day rate would be more appropriate.

            C.                Case Law Developments

                        1.                  Council for Urological Interests v. Burwell

In Council for Urological Interests v. Burwell, the D.C. Circuit struck down CMS’s 2008 prohibition of per-click equipment rental arrangements involving physician-owned equipment leasing companies.[279]  The court found that the prohibition lacked a sufficient rational basis and remanded the case for further consideration.[280] 

In reaching its decision, the court first decided a threshold issue in CMS’s favor.  The majority upheld the agency’s interpretation that an entity "furnishing" services includes an entity that performs services even if it does not bill for the services.[281]  CMS argued that this interpretation prevented direct service providers (like the urologists here) from evading the Stark Law simply by having the hospital submit the bill to Medicare for them.[282]  Therefore, direct service providers, unless covered by an exception, are subject to the Stark Law no matter the technical billing structure under which they operate.

The agency lost, however, on the question of whether its blanket prohibition of per-click equipment rental arrangements was valid.  Although the court accepted that the agency’s prohibition survived the first step of the Chevron analysis (i.e., the interpretation was not "unambiguously forbid[den]" by the statute’s text), it quibbled with the adequacy of the agency’s consideration of a House Conference Report that seemed to endorse per-click equipment rentals.[283]  The court characterized the agency’s interpretation of the statute in light of the legislative report as "bewildering statutory exegesis" that could not survive even Chevron‘s deferential review.[284] 

As of November 15, CMS is still considering its options as to how to comply with the court’s decision.  In the meantime, CMS has asserted that the "court did not hold that the House Conference Report requires us to allow per-click arrangements; to the contrary, the Court upheld our authority to prohibit per-click arrangements where we determine that such a prohibition is necessary to protect against program or patient abuse."[285]

                        2.                  United States ex rel. Drakeford v. Tuomey Healthcare Sys., Inc.

In United States ex rel. Drakeford v. Tuomey Healthcare Sys., Inc., the Fourth Circuit upheld a $237 million judgment against Tuomey.[286]  There, a jury found that the hospital inappropriately compensated 19 part-time physicians in violation of the Stark Law and, as a result, submitted 21,730 false claims to Medicare.[287]  Tuomey argued that the jury could not have reached this conclusion because it acted on the advice of counsel and had no knowledge or intent of wrongdoing.  The court rejected this argument, concluding that a reasonable jury could conclude that Tuomey ignored legal opinions warning the hospital of possible Stark Law liability.[288]

Tuomey made two additional arguments about the size of the judgment.  First, the hospital argued that the compensatory damages were wrongly calculated.  The damages were based on the total amount of claims the government paid, rather than the difference between the value of the hospital services provided and what the government paid.[289]  The court rejected this argument, finding that compliance with the Stark Law is a prerequisite to any kind of Medicare reimbursement.  Therefore, when a claim is submitted in violation of the Stark Law, there is no value provided and the government does not owe any money.[290] 

Second, Tuomey argued that the judgment violated the Eighth Amendment prohibition against excessive fines, as well as the Fifth Amendment Due Process Clause.[291]  At issue was the ratio of punitive damages to compensatory damage in the judgment below.  The court held that the judgment’s ratio (3.6 to 1) was constitutional (although it was "just under the ratio the court deems constitutionally suspect").[292]

Although Tuomey was unable to overturn the massive $237 million judgment on appeal, it was able to resolve the case with DOJ in October for $72.4 million, less than one-third of the original judgment.[293]  As part of the settlement, Tuomey will be sold to Palmetto Health, based in Columbia, South Carolina.[294]  The Tuomey litigation illustrates the staggering liability that a provider may incur if alleged to have violated the Stark Law.

V.       Developments in Payments and Reimbursements

Disputes between the government and health care industry stakeholders over the future growth and distribution of government health care funds continued throughout 2015.  Indeed, as discussed further below, 2015 saw various developments in these ongoing conflicts, including:  delays and lawsuits connected to the implementation of the controversial two-midnight and 60-day Medicare payment rules, the issuance of HHS’s "Mega-Guidance" relating to the 340B Drug Pricing Program, ongoing provider litigation challenging CMS payment decisions, and further developments in the government’s move towards quality-based reimbursement by federal health programs. 

            A.                Final Two-Midnight Rule

On October 30, after much debate and delay, CMS decided to stand by its controversial two-midnight rule for defining inpatient hospital stays for reimbursement purposes.  Starting on January 1, 2016, CMS will generally reimburse patient stays expected to last fewer than two midnights as outpatient stays, while hospital admissions for stays crossing two midnights will automatically be considered appropriate and reimbursed at the inpatient rates.  Stays that do not stretch across at least two midnights still may be reimbursed as inpatient care on a case-by-case basis on the judgment of the admitting physician.[295]  Further, in a welcome move for providers, Quality Improvement Organizations will now conduct the initial patient status reviews to determine the appropriateness of inpatient reimbursement, rather than the Recovery Audit Contractors, who were paid a contingency fee for finding inappropriate admissions.[296] 

            B.                 Developments on 60-Day Medicare Overpayment Rule

After 2015 saw yet another year of delays, on February 12, 2016, CMS finalized its 60-Day Overpayment Rule.[297]  Under the PPACA, health care providers must report and return overpayments by the "later of the date that is 60 days after the date on which the overpayment was identified or the date any corresponding cost report is due"[298]  While CMS purported to relax its interpretive guidance on that language to ease the compliance burden on providers, the requirement as interpreted in the final rule continues to impose significant obligations on providers and to demand meaningful attention to proactive compliance programs. 

In its final rule, CMS retained its definition that a provider is deemed to have "identified an overpayment" when it "has or should have, through the exercise of reasonable diligence, determined" that it has received an overpayment, but added that the provider must also have "quantified the amount of the overpayment."[299]  The final rule clarifies that "reasonable diligence" is demonstrated through the timely, good faith investigation of credible information, which is at most 6 months from receipt of the credible information, except in extraordinary circumstances."[300]  This clarification effectively abandons the vague proposed requirement that providers use "all deliberate speed" to investigate potential overpayments, instead adopting a six-month investigative time frame before the 60-day clock begins to run, in most cases.  In a further revision to providers’ obligations to investigate overpayments, the final rule reduces the originally proposed 10-year look-back period to six years, explicitly to align with the more common six-year statute of limitations for FCA liability.  Accordingly, under the final rule, providers must look back six years after an overpayment is identified to see if any other, similar overpayments occurred during that time period.[301]     

DOJ has not waited for the final rule to take effect and inform its own enforcement efforts, however.  In 2015 DOJ took action in several cases to pursue so-called "reverse FCA" cases under the theory that a knowing failure to refund overpayments within 60 days of identification is a violation of the FCA.  Two developments in August demonstrate that DOJ is serious about pursuing such cases, further emphasizing that providers must understand and adhere to CMS overpayment rules.  First, on August 4, DOJ announced a "first of its kind" settlement of allegations that Pediatric Services of America ("PSA") violated the FCA by failing to return overpayments from federal health programs.[302] 

Second, within the same week, a federal district court issued the first judicial opinion construing the meaning of "identifying" overpayments for purposes of triggering the 60-day rule clock.  In United States ex rel. Kane v. Healthfirst, Inc., the government intervened for the first time in a case alleging FCA violations based on the defendants’ alleged failures to repay money to federal health programs in violation of the 60-day rule.[303]  The Kane court denied the defendant’s motion to dismiss, concluding that the government had adequately alleged that the defendant "identified" overpayments and failed to repay them within the 60-day period, thus triggering "reverse FCA" liability based on a knowing failure to repay an obligation to the government.  In so ruling, the court adopted a definition of overpayment "identification" bearing a striking resemblance to the language in the proposed and final rules for the Medicare program, which start the 60-day clock when the provider "has determined, or should have determined through the exercise of reasonable diligence," the receipt of overpayments.[304]  The new provisions in the final rule giving providers six months to investigate, and a chance to quantify, potential overpayments may or may not have affected the analysis in Kane.  But DOJ’s clear interest in pursuing these cases even before the 60-day rule was finalized indicates that the PSA and Kane cases are likely just the first entries in a continued line of cases involving the application of FCA fraud liability to alleged 60-day rule violations.  

            C.                Update on 340B Program

The disputes between CMS, providers, and drug manufacturers about the contours of the 340B pricing program seen in 2014 continued to swirl this past year.  As detailed in our 2014 Year-End Update, the 340B program imposes ceilings on prices drug manufacturers may charge for medications sold to specified health facilities.  Since its inception in 1992, the program has grown dramatically:  as of 2013, 11,250 entities were enrolled under the program, saving an estimated $3.8 billion on prescription drugs.[305] 

After significant delays, the Health Resources and Services Administration ("HRSA") issued its long-promised 340B "Mega-Guidance" in August.[306]  Expected to be published in September 2016, the Omnibus Guidance offers broad direction for covered entities (such as disproportionate share hospitals, critical access hospitals, and federally qualified health centers).  The guidance includes clarifications on program eligibility, contract pharmacy compliance requirements, hospital eligibility criteria, eligibility of off-site outpatient locations, and HHS audits.[307]  Notably, the guidance also alters patient eligibility requirements–and this change has received the most significant attention.  Under the proposed guidelines, patients must meet six criteria rather than three to be considered a patient of a 340B-covered entity.  For example, under the proposed guidelines, to provide discounted drugs, a provider must either be employed by a 340B member organization or must be able to bill for services on that provider’s behalf.  

HRSA’s issuance of this Mega-Guidance has not quieted the controversy surrounding HRSA’s rulemaking ability and the orphan drug exclusion.  As described in our last Year-End Update, a D.C. District Court found that HRSA lacked the authority to issue final rules.[308]  In October, the court again struck down HRSA’s interpretive rules–which mirrored the final rule it previously promulgated.[309]  As an immediate result, participating hospitals will no longer be authorized to purchase orphan drugs at 340B discounted prices when used for non-orphan uses.  More significantly, this decision, by showing that the interpretive rules are also vulnerable to court review, outlines one path for future challenges to the Omnibus-Guidance.

            D.                Provider Payment Challenges

Perhaps the most significant development of 2015 in the rate-challenge arena was the Supreme Court’s decision in Armstrong v. Exceptional Child Center.[310]  The Supreme Court granted certiorari in Armstrong to determine whether, under the Supremacy Clause of the U.S. Constitution, providers could sue states to force the establishment of higher reimbursement rates under Section 30(A) of the Medicaid Act.[311]  Section 30(A), the Act’s equal access provision, requires that states ensure Medicaid payments are appropriate to attract sufficient providers.[312]  The Ninth Circuit had held that the plaintiff health care providers had the right to challenge state actions around reimbursement rates under Section 30(A) and the Supremacy Clause.[313]  

Although no single opinion marshaled five votes, a divided Supreme Court reversed the Ninth Circuit.  Justice Scalia, writing for the Court, held that the Supremacy Clause does not confer a private cause of action, which would allow providers to sue state Medicaid agencies over rates.[314]  Further, the Medicaid Act, according to the Court, "implicitly precludes private enforcement of Section 30(A), and [the providers] cannot, by invoking [the Court’s] equitable powers, circumvent Congress’s exclusion of private enforcement."[315]  Justice Scalia’s opinion reasoned that the Medicaid Act implicitly precluded recourse to equity because of the statute’s own administrative remedy and the "judicially unadministrable nature" of the statutory text.[316]   As a result, the Court left it to the federal government to enforce the broadly worded reimbursement provisions of the federal Medicaid Act.  But Armstrong may not cause a permanent halt to private litigation claiming deficiencies in the states’ administration of Medicaid funds.  Suits under Section 13(A)–a provision requiring states to set reimbursement rates using a procedure akin to notice-and-comment rulemaking–are likely still available, as are private actions under other federal laws, such as 42 U.S.C. § 1983.[317]

Beyond Armstrong, 2015 proved to be a difficult year for large-scale provider efforts to use the legal process to extract greater payments from CMS in return for care of federal health program participants.  One bright spot for providers, however, was CMS’s announcement that it reached a settlement resolving the backlog of Medicare appeals, with CMS paying $1.3 billion to hospitals that dropped their appeals.[318]  But providers found less success in challenges to Medicare and Medicaid rate-setting actions, ending up on the wrong side of three decisions in the D.C. Circuit.

First, in Adirondack Medical Center v. Burwell, the court rejected a suit by 60 rural hospitals challenging certain revisions to the rules covering their Medicare reimbursements for inpatient hospital services.[319]  Second, in District Hospital Partners v. Burwell, a group of 186 hospitals challenged the HHS Secretary’s calculation of the monetary thresholds for outlier payments in 2004, 2005, and 2006.[320]  Although the court rejected the hospitals’ arguments relating to the 2005 and 2006 thresholds and the requirement that HHS use the best available data, the court gave the hospitals a small victory in regard to 2004 outlier payments.  The court ruled that the Secretary failed to explain in the 2004 rule how data about certain turbo-charging hospitals would be treated, and remanded the case.[321]  And, third, in Anna Jacques Hospital, et al. v. Burwell, the D.C. Circuit rejected providers’ arguments that CMS failed to use the best method to calculate the annual hospital wage index that affects Medicare reimbursements.[322]   

            E.                 Continued Movement Towards Pay-for-Performance 

In 2015, the federal government took some notable steps toward basing federal health program reimbursements on quality metrics.  Hitting the ground running upon her arrival as Secretary in January, Secretary Burwell announced a new initiative to transition provider reimbursements from "volume to value."[323]  As part of the initiative, HHS set explicit goals for alternative payment models and value-based payments.  HHS stated that, by 2018, 50% of fee-for-service Medicare payments will come from alternative payment models, and 90% of all Medicare payments will be tied to quality or value metrics.[324]  

                        1.      Medicare Access and CHIP Reauthorization Act of 2015

The most significant development of the year in the move to quality-based reimbursement came on April 16, 2015, when the President signed into law H.R. 2, the Medicare Access and CHIP Reauthorization Act of 2015 ("MACRA").[325]  MACRA extends the Children’s Health Insurance Program ("CHIP") for two years, extends numerous expiring Medicare provisions, and supplements other federal health programs, including a significant additional investment in community health centers.  MACRA addressed the controversial Sustainable Growth Rate ("SGR") formula by replacing the previous yearly patches and adjustments with a set 0.5 percent payment update every year for five years.  The SGR repeal also continues the move away from the volume-based, fee-for-service system by streamlining Medicare’s existing web of quality assurance programs into one value-based performance program.   

MACRA produced decidedly mixed results for providers hoping for substantial rate increases, however.  Post-acute providers, such as long-term care and inpatient rehabilitation hospitals, skilled nursing facilities and home health and hospice organizations, will receive a one percent base pay increase–about half of what was expected.[326]  Further, MACRA replaces a 3.2% increase in payment rates for hospital inpatient services scheduled for 2018 with a phased-in increase of 0.5% each year from 2018 through 2023.[327]  Finally, MACRA delays scheduled reductions in Medicaid "disproportionate share" payments to hospitals by one year to Fiscal Year 2018.[328]

                        2.      CMS Unveils New Model for ACOs

It is well known that in recent years, CMS has expanded the role of Accountable Care Organizations ("ACOs"), which, according to CMS, have improved quality and saved Medicare an average of $300 per beneficiary.[329]  Building on that apparent success, CMS moved to further expand ACO involvement in federal health program administration in 2015.  Early last year, CMS focused its efforts at already existing ACOs by offering them a "Next Generation" model.[330]  This new model will offer greater financial risks and rewards than are available under the current options.  Participants will have their choice of two risk arrangements and four different payment methods, including traditional fee-for-service, supplemented fee-for-service, population-based pay, and lump-sum capitation.  The ACO also will receive relaxed restrictions on methods of care delivery.[331] 

A few months later, CMS published a Final Rule that provided significantly more flexibility for ACOs generally.[332]  Through the Final Rule, CMS seeks to encourage continued participation in the program.   Among other changes, the final rule:  (1) creates a new ACO option based on the successes of the Pioneer ACO model, (2) streamlines data sharing between CMS and ACOs, and (3) refines the policies for resetting ACO benchmarks to ensure the program continues to provide strong incentives to ACOs to improve patient care and generate cost savings.[333]  

                        3.      Medicaid and CHIP Managed Care Proposed Rule

Similarly, through its rulemaking process and other initiatives, HHS worked in 2015 to more directly tie payments to quality metrics: 

• In its final rule on Fiscal Year 2016 Medicare payment policies and rates, CMS provided further incentive to providers to participate in the inpatient quality reporting program and move to electronic medical records.[334]
• CMS announced that it would alter payment rates and quality measures for skilled nursing facilities, requiring quality reporting on patient health.[335]   
• CMS proposed a new rule governing CHIP managed care regulations that would modernize managed care by aligning the program’s rules and regulations with those of private insurers, establish a quality rating system, and strengthen program integrity monitoring.[336] 
• CMS launched Hospital Compare Star Ratings for acute care facilities to provide consumers with a quick guide to the quality of care at various providers.[337]  

VI.        Conclusion

This past year has continued to demonstrate that as the Medicare and Medicaid programs have changed and expanded, so too have the government enforcement efforts intended to protect against fraud and abuse committed by individuals and entities.  Indeed, the government has increased its efforts to police its increasingly complex health program rules with each passing month, a trend we expect to continue in 2016.  As 2016 evolves, we will continue to monitor and report on these issues and developments.

[1] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Assistant Attorney General Leslie R. Caldwell Delivers Remarks at the American Bar Association’s 25th Annual National Institute on Health Care Fraud (May 14, 2015), http://www.justice.gov/opa/speech/assistant-attorney-general-leslie-r-caldwell-delivers-remarks-american-bar-association-s [hereinafter Caldwell Remarks].

[2] See id.

[3] See id.

[4] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Justice Department Recovers $3.5 Billion from False Claims Act Cases in Fiscal Year 2015 (Dec. 3, 2015), http://www.justice.gov/opa/pr/justice-department-recovers-over-35-billion-false-claims-act-cases-fiscal-year-2015.

[5] See 2015 Year-End False Claims Act Update, Gibson Dunn (Jan. 6, 2016), http://www.gibsondunn.com/publications/Pages/2015-Year-End-False-Claims-Act-Update.aspx.

[6] Data gathered through U.S. Department of Justice press releases and publicly available information.

[7] Figures determined by the number of DOJ press releases that mentioned this type of allegation as a contributing cause to the settlement.  Many cases involved multiple types of allegations–e.g., violations of both the AKS and Stark Law.  In these instances, the settlement was noted in both categories.

[8] Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Millennium Health Agrees to Pay $256 Million to Resolve Allegations of Unnecessary Drug and Genetic Testing and Illegal Remuneration to Physicians (Oct. 19, 2015), http://www.justice.gov/opa/pr/millennium-health-agrees-pay-256-million-resolve-allegations-unnecessary-drug-and-genetic. 

[9] Id.

[10] Id.

[11] Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Nearly 500 Hospitals Pay United States More Than $250 Million to Resolve False Claims Act Allegations Related to Implantation of Cardiac Devices (Oct. 30, 2015),  http://www.justice.gov/opa/pr/nearly-500-hospitals-pay-united-states-more-250-million-resolve-false-claims-act-allegations.  

[12] Id.

[13] Id.

[14] Id.

[15] Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, 32 Hospitals to Pay U.S. More Than $28 Million to Resolve False Claims Act Allegations Related to Kyphoplasty Billing (Dec. 18, 2015), http://www.justice.gov/opa/pr/32-hospitals-pay-us-more-28-million-resolve-false-claims-act-allegations-related-kyphoplasty.

[16] Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Covenant Hospice Inc. to Pay $10.1 Million for Overcharging Medicare, Tricare and Medicaid for Hospice Services (June 18, 2015), http://www.justice.gov/opa/pr/covenant-hospice-inc-pay-101-million-overcharging-medicare-tricare-and-medicaid-hospice.

[17] Data gathered through U.S. Department of Justice press releases and publicly available information.

[18] See, e.g., Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida Home Health Care Company Agrees to Pay $1.1 Million to Resolve False Claims Act Allegations (Mar. 9, 2015), http://www.justice.gov/opa/pr/florida-home-health-care-company-agrees-pay-11-million-resolve-false-claims-act-allegations (alleging physicians were over-compensated for patient chart reviews).

[19] See, e.g., Press Release, U.S. Atty’s Office for the Dist. of Mass., U.S. Dep’t of Justice, South Shore Physicians Hospital Organization to Pay $1.775 Million for Alleged Kickbacks for Patient Referrals (Jan. 20, 2015), http://www.justice.gov/usao-ma/pr/south-shore-physicians-hospital-organization-pay-1775-million-alleged-kickbacks-patient.

[20] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Millennium Health Agrees to Pay $256 Million to Resolve Allegations of Unnecessary Drug and Genetic Testing and Illegal Remuneration to Physicians (Oct. 19, 2015), http://www.justice.gov/opa/pr/millennium-health-agrees-pay-256-million-resolve-allegations-unnecessary-drug-and-genetic [hereinafter Millennium Health].

[21] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida Skilled Nursing Facility Agrees to Pay $17 Million to Resolve False Claims Act Allegations (June 16, 2015), http://www.justice.gov/opa/pr/florida-skilled-nursing-facility-agrees-pay-17-million-resolve-false-claims-act-allegations.

[22] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Family Dermatology PcC Agrees to Pay United States More Than $3.2 Million to Settle Alleged False Claims Act Violations (Apr. 21, 2015), http://www.justice.gov/opa/pr/family-dermatology-pccagrees-pay-united-states-more-32-million-settle-alleged-false-claims.

[23] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida Hospital District Agrees to Pay United States $69.5 Million to Settle False Claims Act Allegations (Sept. 15, 2015), http://www.justice.gov/opa/pr/florida-hospital-district-agrees-pay-united-states-695-million-settle-false-claims-act. 

[24] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, DaVita to Pay $450 Million to Resolve Allegations that it Sought Reimbursement for Unnecessary Drug Wastage (June 24, 2015), http://www.justice.gov/opa/pr/davita-pay-450-million-resolve-allegations-it-sought-reimbursement-unnecessary-drug-wastage.   

[25] Id.

[26] Id.

[27] Data gathered through press releases and other publicly available information.

[28] Press Release, N.Y. State Office of the Att’y Gen., A.G. Schneiderman Announces $22.4 Million Settlement with NYC Pharmacy for Improper Medicaid Billings for Injectable Pediatric Drug Synagis (July 10, 2015),  http://www.ag.ny.gov/press-release/ag-schneiderman-announces-224-million-settlement-nyc-pharmacy-improper-medicaid.  

[29] Id.

[30] Universal Health Servs., Inc. v. United States, 136 S. Ct. 582 (Dec. 4, 2015) (granting writ of certiorari as to the second and third questions presented by the petitioner); see also Petition for Writ of Certiorari at ii, Universal Health Servs. (No. 15-7), 2015 WL 4035937.

[31] United States v. AseraCare Inc., No. 12-cv-00245-KOB, 2015 WL 8486874, at *3 (Nov. 3, 2015). 

[32] Id. at *7. 

[33] Id. at *1, *7.

[34] Id. at *12.

[35] Id. at *7.   

[36] United States ex rel. Martin v. Life Care Ctrs. of Am., No. 1:08-cv-251, 2014 WL 4816006 (E.D. Tenn. Sept. 29, 2014); AseraCare, No. 12-cv-245, 2014 WL 6879254, at *10.    

[37] See United States ex rel. Ruckh v. Genoa Healthcare LLC, No. 11-cv-01303 (M.D. Fla. Apr. 28, 2015); United States v. Robinson, No. 13-cv-GFVT, 2015 WL 1479396 (E.D. Ky. Mar. 31, 2015).     

[38] Genoa Healthcare, No. 11-cv-01303, at *2.

[39] Id. at *6.

[40] Id. at *9.

[41] Robinson, No. 13-cv-GFVT, 2015 WL 1479396, at *10.

[42] Id.

[43] United States ex rel. Michaels v. Agape Senior Cmty. Inc., No. 15-2145 (4th Cir. Sept. 29, 2015) (granting a motion for interlocutory appeal on the use of statistical sampling as a means of proving FCA liability).

[44] See Caldwell Remarks, supra note 1.

[45] Id.

[46] Id.

[47] See Memorandum from Sally Quillian Yates,  Deputy Attorney General, U.S. Dep’t of Justice, Individual Accountability for Corporate Wrongdoing at 2 (Sept. 9, 2015), http://www.justice.gov/dag/file/769036/download.

[48] See DOJ’s Newest Policy Pronouncement: The Hunt for Corporate Executives, Gibson Dunn (Sept. 11, 2015), http://www.gibsondunn.com/wp-content/uploads/documents/publications/Yates-Memo–DOJ-New-Posture-on-Prosecutions-of-Individuals–Consequences-for-Companies.pdf.

[49] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, National Medicare Fraud Takedown Results in Charges Against 243 Individuals for Approximately $712 Million in False Billing (June 18, 2015), http://www.justice.gov/opa/pr/national-medicare-fraud-takedown-results-charges-against-243-individuals-approximately-712. 

[50] See 2014 Year-End Health Care Compliance and Enforcement Update – Providers, Gibson Dunn (Jan. 14, 2015), http://www.gibsondunn.com/publications/pages/2014-Year-End-Health-Care-Compliance–Enforcement-Update–Providers.aspx.

[51] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Former President of Riverside General Hospital Sentenced to 45 Years in Prison in $158 Million Medicare Fraud Scheme (June 9, 2015), http://www.justice.gov/opa/pr/former-president-riverside-general-hospital-sentenced-45-years-prison-158-million-medicare.

[52] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Assistant Administrator of Riverside General Hospital Sentenced to 40 Years in Prison for $116 Million Medicare Fraud Scheme (May 21, 2015), http://www.justice.gov/opa/pr/assistant-administrator-riverside-general-hospital-sentenced-40-years-prison-116-million.

[53] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Owner of Orlando Health Care Clinic Sentenced to Five Years in Prison for Engaging in Medicare Fraud Scheme (Sept. 29, 2015), http://www.justice.gov/opa/pr/owner-orlando-health-care-clinic-sentenced-five-years-prison-engaging-medicare-fraud-scheme.

[54] Id.

[55] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Fiscal Year 2016 Justification of Estimates for Appropriations Committees, at 3, http://oig.hhs.gov/reports-and-publications/archives/budget/files/FY2016_HHSOIG_Congressional_Justification.pdf.   

[56] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Semiannual Report to Congress, April 1 – September 30, 2015, at i, http://oig.hhs.gov/reports-and-publications/archives/semiannual/2015/sar-fall15.pdf [hereinafter Semiannual Report]. 

[57] Id. at i-ii; see also U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Archives – Semiannual Report, available at http://oig.hhs.gov/reports-and-publications/archives/semiannual/index.asp (last accessed Jan. 15, 2016). 

[58] Semiannual Report, supra note 56, at i, iii.

[59] See Tony Maida, OIG Announces New Penalty and Exclusion Litigation Team to "Level the Playing Field," Nat’l L. Rev. (July 1, 2015), http://www.natlawreview.com/article/oig-announces-new-penalty-and-exclusion-litigation-team-to-level-playing-field. 

[60] See id.

[61] Id.

[62] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Fiscal Year 2015 Work Plan: Mid-Year Update, at 24, https://oig.hhs.gov/reports-and-publications/archives/workplan/2015/WP-Update-2015.pdf. 

[63] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., An OIG Portfolio:  Ensuring the Integrity of Medicare Part D (June 18, 2015),  http://oig.hhs.gov/oei/reports/oei-03-15-00180.pdf. 

[64] Id. at 9–11.

[65] Id.

[66] Id. at 5.

[67] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Questionable Billing and Geographic Hotspots Point to Potential Fraud and Abuse in Medicare Part D, at 2 (June 23, 2015),  https://oig.hhs.gov/oei/reports/oei-02-15-00190.pdf. 

[68] Id. at 4–5.

[69] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Affordable Care Act Reviews, http://oig.hhs.gov/reports-and-publications/aca/ (last visited Jan. 15, 2015).

[70] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Providers Did Not Always Reconcile Patient Records With Credit Balances and Report and Return the Associated Medicaid Overpayments to State Agencies (Aug. 26, 2015),  http://oig.hhs.gov/oas/reports/region4/41404029.pdf. 

[71] Id. at 3.

[72] Id. at 6.

[73] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Providers Terminated From One State Medicaid Program Continued Participating in Other States (Aug. 4, 2015),  http://oig.hhs.gov/oei/reports/oei-06-12-00030.pdf; see also 42 U.S.C. § 1396a(a)(39).

[74] Id. at 7.

[75] Id. at 8.

[76] See 42 U.S.C. § 1320a-7a.

[77] See id. § 1320a-7b.

[78] Semiannual Report, supra note 56, at i.

[79] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., LEIE Downloadable Databases, https://oig.hhs.gov/exclusions/exclusions_list.asp (last visited Jan. 15, 2016) [hereinafter LEIE]; Press Release, Federal Bureau of Investigation, Dental Practice Operators Charged in $20 Million Medicaid Fraud Conspiracy (May 24, 2012),  https://www.fbi.gov/newhaven/press-releases/2012/dental-practice-operators-charged-in-20-million-medicaid-fraud-conspiracy [hereinafter Dental Practice]. 

[80] See Dental Practice, supra note 79.

[81] See LEIE, supra note 79.

[82] See id.

[83] See id.

[84] Data gathered through HHS OIG press releases and publicly available information. See generally U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Civil Monetary Penalties and Affirmative Exclusions, https://oig.hhs.gov/fraud/enforcement/cmp/index.asp (last visited Jan. 15, 2016).

[85] See id.

[86] See id.

[87] See id.

[88] See id.

[89] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Civil Monetary Penalties and Affirmative Exclusions, Provider Self-Disclosure Settlements,  http://oig.hhs.gov/fraud/enforcement/cmp/psds.asp (last visited Jan. 15, 2016) [hereinafter Provider Self-Disclosure Settlements].

[90] See id.

[91] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Civil Monetary Penalties and Affirmative Exclusions, CIA Reportable Event Settlements,  http://oig.hhs.gov/fraud/enforcement/cmp/reportable-events.asp (last visited Jan. 15, 2016).

[92] See id.

[93] See Press Release, U.S. Atty’s Office for the E. Dist. of Mich., U.S. Dep’t of Justice, United States Intervenes In Health Care Fraud Action And Obtains $4 Million In Settlement (July 10, 2013), http://www.justice.gov/usao-edmi/pr/united-states-intervenes-health-care-fraud-action-and-obtains-4-million-settlement.

[94] See Provider Self-Disclosure Settlements, supra note 89.

[95] See id.

[96] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Corporate Integrity Agreement Documents, https://oig.hhs.gov/compliance/corporate-integrity-agreements/cia-documents.asp (last visited Jan. 16, 2016).

[97] See Millennium Health, supra note 20.    

[98] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Georgia Hospital System and Physician to Pay More than $25 Million to Settle Alleged False Claims Act and Stark Law Violations (Sept. 4, 2015), http://www.justice.gov/opa/pr/georgia-hospital-system-and-physician-pay-more-25-million-settle-alleged-false-claims-act-and.   

[99] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Quality of Care Corporate Integrity Agreements, https://oig.hhs.gov/compliance/corporate-integrity-agreements/quality-of-care.asp (last visited Jan. 15, 2016). 

[100] See Press Release, U.S. Atty’s Office for the N. Dis. of Cal., U.S. Dep’t of Justice, Watsonville Nursing Home Owners, Operators And Manager Agree To Pay $3.8 Million To Settle Allegations Of False Claims (May 21, 2015), http://www.justice.gov/usao-ndca/pr/watsonville-nursing-home-owners-operators-and-manager-agree-pay-38-million-settle. 

[101] See id.

[102] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Advisory Opinions, https://oig.hhs.gov/compliance/advisory-opinions/index.asp (last visited Jan. 15, 2016). 

[103] See U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Advisory Op. 15-09 (July 23, 2015), http://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-09.pdf;  Advisory Op. 15-08 (June 19, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-08.pdf; Advisory Op. 15-05 (Apr. 29, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-05.pdf; Advisory Op. 15-03 (Mar. 2, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-03.pdf.

[104] Advisory Op. 15-09, supra note 103, at 5-7; Advisory Op. 15-08, supra note 103, at 5–7; Advisory Op. 15-05, supra note 103, at 5–7; Advisory Op. 15-03, supra note 103, at 5-7.

[105] See U.S. Dep’t Health & Human Servs. Office of the Inspector Gen., Advisory Op. 15-10, at 1-2 (July 20, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-10.pdf.

[106] Id. at 2.

[107] Id. at 2-3.

[108] Id.

[109] Id. at 5.

[110] Id.

[111] Id. at 5-6.

[112] See U.S. Dep’t Health & Human Servs. Office of the Inspector Gen., Advisory Op. 15-12, at 1 (Aug. 6, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-12.pdf.

[113] Id. at 2.

[114] Id.

[115] Id.

[116] Id. at 2-3.

[117] Id. at 4.

[118] Id. at 5.

[119] See U.S. Dep’t Health & Human Servs. Office of the Inspector Gen., Advisory Op. 15-13, at 1 (Oct. 14, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-13.pdf.

[120] Id. at 3.

[121] Id. at 2.

[122] Id. at 7.

[123] Id. at 6.

[124] Id. at 6-7.

[125] See U.S. Dep’t Health & Human Servs., Office of the Inspector Gen., Advisory Op. 15-04, at 2 (Mar. 25, 2015), https://oig.hhs.gov/fraud/docs/advisoryopinions/2015/AdvOpn15-04.pdf.

[126] Id.

[127] Id. at 3.

[128] Id.

[129] Id. at 2.

[130] Id. at 6.

[131] Id.

[132] Id. at 7–8.

[133] Id.

[134] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Work Plan Fiscal Year 2016, at 11, http://oig.hhs.gov/reports-and-publications/archives/workplan/2016/oig-work-plan-2016.pdf. 

[135] Id.

[136] Id.

[137] Id. at 9.

[138] Id.

[139] Id. at 66.

[140] Id.

[141]  See Ctrs. for Medicare & Medicaid Servs., The FACTS About Open Payments Data (June 30, 2015), https://openpaymentsdata.cms.gov/.

[142] Id.

[143] Id.

[144] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, CMS Releases Prescriber-Level Medicare Data for First Time (Apr. 30, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-04-30.html. 

[145] Id.

[146] Id.

[147] See id.

[148] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, New Medicare Data Available to Increase Transparency on Hospital Utilization (June 1, 2015),  http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-06-01.html. 

[149] Id.

[150] Id.

[151] See id.

[152] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, Medicare Referring Provider Durable Medical Equipment, Prosthetics, Orthotics and Supplies (DMEPOS) Transparency Data (CY2013) (Oct. 8, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-10-08.html.

[153] See id.

[154] See id.

[155] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Expands Quality Data on Physician Compare and Hospital Compare to Help Consumers Choose Health Care Providers (Dec. 10, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-12-10.html.  

[156] See id.

[157] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Announces Entrepreneurs and Innovators to Access Medicare Data (June 2, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-06-02.html. 

[158] Id.

[159] Id.

[160] U.S. Dep’t of Health & Human Servs., Office of the Inspector Gen., Medicare Hospices Have Financial Incentives to Provide Care in Assisted Living Facilities, 18-20 (Jan. 13, 2015), https://oig.hhs.gov/oei/reports/oei-02-14-00070.pdf. 

[161] Id. at 21–22.

[162] The Patient Protection and Affordable Care Act of 2010, Pub. L. No. 111-148, § 6401(a).

[163] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, CMS Imposes First Affordable Care Act Enrollment Moratorium on Chicago-area Home Health Agencies to Combat Fraud and Safeguard Taxpayer Dollars (July 26, 2013),  http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2013-Fact-sheets-items/2013-07-26.html; Ctrs. for Medicare & Medicaid Servs., Fact Sheet, CMS Imposes First Affordable Care Act Enrollment Moratorium on Houston-area Ground Ambulance Suppliers to Combat Fraud and Safeguard Taxpayer Dollars (July 26, 2013), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2013-Fact-sheets-items/2013-07-26-2.html; Ctrs. for Medicare & Medicaid Servs., Fact Sheet, CMS Imposes First Affordable Care Act Enrollment Moratorium on Miami-area Home Health Agencies to Combat Fraud and Safeguard Taxpayer Dollars (July 26, 2013), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2013-Fact-sheets-items/2013-07-26-3.html.

[164] Press Release, Ctrs. for Medicare & Medicaid Servs., Second Wave of CMS’s Enrollment Moratoria Extended for Home Health and Ground Ambulance Suppliers; Four New Geographic Areas Added (Jan. 30, 2014), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2014-Press-releases-items/2014-01-30-2.html. 

[165] Notice, Medicare, Medicaid and Children’s Health Insurance Programs: Announcement of the Extended Temporary Moratoria on Enrollment of Ground Ambulance Suppliers and Home Health Agencies in Designated Geographic Locations, 81 Fed. Reg. 5444, 5445 (Feb. 2, 2016); Notice, Medicare, Medicaid and Children’s Health Insurance Programs: Announcement of the Extended Temporary Moratoria on Enrollment of Ambulance Suppliers and Home Health Agencies in Designated Geographic Locations, 80 Fed. Reg. 44,967, 44,968 (July 28, 2015); Notice, Medicare, Medicaid and Children’s Health Insurance Programs: Announcement of the Extended Temporary Moratoria on Enrollment of Ambulance Suppliers and Home Health Agencies in Designated Geographic Locations, 80 Fed. Reg. 5551, 5552 (Feb. 2, 2015).

[166] U.S. Dep’t of Health & Human Servs., Health Information Privacy, Enforcement Highlights (Oct. 31, 2015), http://www.hhs.gov/ocr/privacy/hipaa/enforcement/highlights/index.html. 

[167] Id.

[168] U.S. Dep’t of Health & Human Servs., Health Information Privacy, Enforcement Highlights, Numbers at a Glance (Oct. 31, 2015), http://www.hhs.gov/ocr/privacy/hipaa/enforcement/highlights/indexnumbers.html (last visited Jan. 15, 2016).   

[169] See Elizabeth Weise, Massive Breach at Health Care Company Anthem Inc., USA Today, Feb. 5, 2015, http://www.usatoday.com/story/tech/2015/02/04/health-care-anthem-hacked/22900925/.  

[170] Jeff Overley, Big Year Ahead for HIPAA Fines, HHS Atty Says, Law360 (June 12, 2014), http://www.law360.com/articles/547721/big-year-ahead-for-hipaa-fines-hhs-atty-says. 

[171] See U.S. Dep’t of Health & Human Servs., Health Information Privacy, Resolution Agreements and Civil Monetary Penalties, http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html (last visited Jan. 16, 2016).

[172] An Act Concerning the Security of Certain Personal Information and Supplementing P.L. 1960, c.39 (C.56:8-1 et seq.), ch. 88, 2014 N.J. Laws 562 (Jan. 9, 2015).

[173] Id.

[174] An Act Concerning The Security of Consumer Data, S.B. 1024, Conn. Session Year 2015.

[175] Ctrs. for Medicare & Medicaid Servs., Security Standards: Technical Safeguards, HIPAA Security Series, Mar. 2007, Paper 4 at 6–7, http://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf. 

[176] U.S. Dep’t of Health & Human Servs., Office for Civil Rights, Health App Developers, What Are Your Questions About HIPAA?, http://hipaaqsportal.hhs.gov/ (last visited Jan. 15, 2016).

[177] U.S. Dep’t of Health & Human Servs., Office for Civil Rights, Identify Developer Issues, http://hipaaqsportal.hhs.gov/a/home  (last visited Jan. 15, 2016).

[178] Id.

[179] U.S. Dep’t of Health & Human Servs., Office for Civil Rights, Health App Developers: Questions About HIPAA?, http://hipaaqsportal.hhs.gov/a/ideas/top/campaign-filter/active/stage/stage-questions (last visited Jan. 15, 2016).

[180] Press Release, U.S. Dep’t of Health & Human Servs., Triple-S Management Corporation Settles HHS Charges By Agreeing To $3.5 Million HIPAA Settlement (Nov. 30, 2015), http://www.hhs.gov/about/news/2015/11/30/triple-s-management-corporation-settles-hhs-charges.html.

[181] Id.

[182] Press Release, U.S. Dep’t of Health & Human Servs., $750,000 HIPAA Settlement Underscores the Need for Organization-Wide Risk Analysis (Dec. 14, 2015), http://www.hhs.gov/about/news/2015/12/14/750000-hipaa-settlement-underscores-need-for-organization-wide-risk-analysis.html.   

[183] Id.

[184] Bulletin, U.S. Dep’t of Health & Human Servs., HIPAA Settlement Highlights Importance of Safeguards When Using Internet Applications (July 10, 2015), http://www.hhs.gov/sites/default/files/bulletin.pdf.

[185] Id.

[186] Press Release, U.S. Dep’t of Health & Human Servs., $750,000 HIPAA Settlement Emphasizes the Importance of Risk Analysis and Device and Media Control Policies (Sept. 2, 2015), http://www.hhs.gov/about/news/2015/09/02/750%2C000-dollar-hipaa-settlement-emphasizes-the-importance-of-risk-analysis-and-device-and-media-control-policies.html. 

[187] Id.

[188] Press Release, U.S. Dep’t of Health & Human Servs., HIPAA Settlement Reinforces Lessons for Users of Medical Devices (Nov. 25, 2015), http://www.hhs.gov/about/news/2015/11/25/hipaa-settlement-reinforces-lessons-users-medical-devices.html.  

[189] U.S. Dep’t of Health & Human Servs., Health Information Privacy, HIPAA Settlement Highlights the Continuing Importance of Secure Disposal of Paper Medical Records, http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/examples/cornell/cornell-press-release/index.html (last visited Jan. 15, 2016) [hereinafter Cornell Settlement]. 

[190] Jeremy Jojola, Dumpster Full of Medical Records Found Outside Pharmacy, NBC 9News (Feb. 12, 2012), http://www.9news.com/news/article/248924/339/Dumpster-full-of-medical-records-found-outside-pharmacy. 

[191] Cornell Settlement, supra note 189.

[192] U.S. Dep’t of Health & Human Servs., Office of Inspector Gen., OCR Should Strengthen Its Oversight of Covered Entities’ Compliance with the HIPAA Privacy Standards, at app. C (Sept. 2015), http://oig.hhs.gov/oei/reports/oei-09-10-00510.pdf.

[193] Id. at 11.

[194] Id. at app. C. 

[195] 42 U.S.C. § 1320a-7b(b).

[196] Medicare and State Health Care Programs: Fraud and Abuse; OIG Anti-Kickback Provisions, 56 Fed. Reg. 35,952, 35,958 (July 29, 1991) [hereinafter OIG Anti-Kickback Provisions]. 

[197] 42 U.S.C. § 1320a-7b(g).

[198] United States v. Goldman, No. 13-4336, 2015 WL 1544310, at *1–2 (3d Cir. Apr. 8, 2015).

[199] Id. at *2.

[200] Id. (quoting United States v. Starnes, 583 F.3d 196, 211 (3d Cir. 2009)) (internal quotation marks omitted).

[201] Id. (quoting Bryan v. United States, 524 U.S. 184, 195 (1998)).

[202] 42 U.S.C. § 1320a-7b(h).

[203] United States v. Narco Freedom, Inc., 95 F. Supp. 3d 747, 756–57 (S.D.N.Y. 2015).

[204] Id. at 756.

[205] Id. at 756–57.

[206] Id. at 756, 758.

[207] Carter v. Welles-Bowen Realty, Inc., 736 F.3d 722, 727 (6th Cir. 2013) (citing, among other cases, Leocal v. Ashcroft, 543 U.S. 1, 11 n.8 (2004); United States v. Thompson/Ctr. Arms Co., 504 U.S. 505, 518 n.10 (1992) (plurality opinion)).

[208] United States v. Patel, 778 F.3d 607 (7th Cir. 2015).

[209] Id. at 609, 611.

[210] Id. at 612–13.

[211] Id. at 613.

[212] Id. at 612.

[213] Id. at 616.

[214] Id.

[215] See Satyam Khanna and Paul Thompson, Seventh Circuit Broadly Interprets "Referral" Under Anti Kickback Statute, Nat’l L. Rev. (Feb. 24, 2015), http://www.natlawreview.com/article/seventh-circuit-broadly-interprets-referral-under-anti-kickback-statute (citing, among other cases, United States ex rel. Perales v. St. Margaret’s Hosp., 243 F. Supp. 2d 843, 854 (C.D. Ill. 2003) (stating that a situation where a physician "played no role in determining which facility a patient would go to" would not violate the AKS)).

[216] Jones-McNamara v. Holzer Health Sys., No. 15-3070, 2015 WL 6685302, at *6 (6th Cir. Nov. 2, 2015); see OIG Anti-Kickback Provisions, supra note 193.

[217] Holzer Health Sys., 2015 WL 6685302, at *1–4.

[218] Id. at *4–5.

[219] Id. at *7.

[220] U.S. Dep’t of Health & Human Servs., Office of Inspector Gen., Fraud Alert: Physician Compensation Arrangements May Result in Significant Liability (June 9, 2015), https://oig.hhs.gov/compliance/alerts/guidance/Fraud_Alert_Physician_Compensation_06092015.pdf.

[221] Id.

[222] Id.

[223] Id.

[224] Id.

[225] U.S. Dep’t of Health & Human Servs., Office of Inspector Gen., OIG Policy Statement Regarding Hospitals That Discount or Waive Amounts Owed by Medicare Beneficiaries for Self-Administered Drugs Dispensed in Outpatient Settings (Oct. 29, 2015) at 1, http://oig.hhs.gov/compliance/alerts/guidance/policy-10302015.pdf.

[226] Id.

[227] Id.

[228] Id. at 2.

[229] See id.

[230] U.S. Dep’t of Health & Human Servs., Office of Inspector Gen., OIG Policy Reminder: Information Blocking and the Federal Anti-Kickback Statute (Oct. 6, 2015) at 1, http://oig.hhs.gov/compliance/alerts/guidance/policy-reminder-100615.pdf [hereinafter OIG Policy Reminder].

[231] Id. at 2.

[232] See id.

[233] 42 C.F.R. § 1001.952(y).

[234] 42 C.F.R.§ 1001.952(y)(3).

[235] OIG Policy Reminder, supra note 230, at 2.

[236] Id.

[237] See id. at 3.

[238] See Medicare and State Health Care Programs: Fraud and Abuse; Revisions to Safe Harbors under the Anti-Kickback Statute, and Civil Monetary Penalty Rules Regarding Beneficiary Inducements and Gainsharing, 79 Fed. Reg. 59,717 (proposed Oct. 3, 2014) (to be codified at 42 C.F.R. §§ 1001 and 42 C.F.R. § 1003).

[239] Solicitation of New Safe Harbors and Special Fraud Alerts, 79 Fed. Reg. 78,376 (Dec. 30, 2014) ("Section 205 of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, section 205, the Act, section 1128D, 42 U.S.C. 1320a-7d, requires the Department to develop and publish an annual notice in the Federal Register formally soliciting proposals for modifying existing safe harbors to the anti-kickback statute and for developing new safe harbors and Special Fraud Alerts.").

[240] Id. 

[241] See, e.g., Letter from James L. Madara, MD, Exec. Vice President, CEO, Am. Med. Ass’n, to Daniel Levinson, Inspector Gen., U.S. Dep’t of Health & Human Servs., Office of Inspector Gen. (Mar. 2, 2015), http://op.bna.com.s3.amazonaws.com/hl.nsf/r%3FOpen%3dwpiy-9uflp8.

[242] U.S. Dep’t of Health & Human Servs., Office of Inspector Gen. et al, Practical Guidance for Health Care Governing Boards on Compliance Oversight (Apr. 20, 2015), https://oig.hhs.gov/compliance/compliance-guidance/docs/Practical-Guidance-for-Health-Care-Boards-on-Compliance-Oversight.pdf. 

[243] Id. at 1.

[244] Id. at 5.

[245] See id. at 11–12.

[246] Id. at 9. 

[247] Id. at 15.

[248] Id. at 7–8.

[249] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Nation’s Second-Largest Nursing Home Pharmacy to Pay $9.25 Million to Settle Kickback Allegations (Oct. 7, 2015), http://www.justice.gov/opa/pr/nations-second-largest-nursing-home-pharmacy-pay-925-million-settle-kickback-allegations.

[250] Id.

[251] Id.

[252] See Millennium Health, supra note 20.

[253] Id.

[254] Id.

[255] 42 U.S.C. § 1395nn(g)(1)-(3).

[256] See Stark Administrative Simplification Act of 2015, H.R. 776, 114th Cong. (2015).

[257] Id.

[258] See Medicaid Physician Self-Referral Act of 2015, H.R. 1083, 114th Cong. (2015).

[259] See Medicaid Physician Self-Referral Act of 2014, H.R. 4676, 113th Cong. (2014).

[260] Press Release, Rep. Jim McDermott (D-WA), McDermott Introduces the Medicaid Physician Self-Referral Act of 2015 (Feb. 25, 2015), http://mcdermott.house.gov/index.php?option=com_content&view=article&id=786:mcdermott-introduces-the-medicaid-physician-self-referral-act-of-2015&catid=25&Itemid=20.

[261] See Medicaid Physician Self-Referral Act of 2015, H.R. 1083, 114th Cong. (2015).

[262] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, Proposed Policy, Payment, and Quality Provisions Changes to the Medicare Physician Fee Schedule for Calendar Year 2016 (July 8, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-07-08.html.

[263] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Finalizes 2016 Medicare Payment Rules for Physicians, Hospitals & Other Providers (October 30, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-10-30.html; see also Medicare Program; Revisions to Payment Policies Under the Physician Fee Schedule and Other Revisions to Part B for CY 2016, 80 Fed. Reg. 70,886 (Nov. 16, 2015), https://www.gpo.gov/fdsys/pkg/FR-2015-11-16/pdf/2015-28005.pdf.

[264] Id.

[265] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, Proposed Policy, Payment, and Quality Provisions Changes to the Medicare Physician Fee Schedule for Calendar Year 2016 (October 30, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-10-30-2.html.

[266] Medicare Program; Revisions to Payment Policies Under the Physician Fee Schedule and Other Revisions to Part B for CY 2016, 80 Fed. Reg. 70,886, 71,315 (Nov. 16, 2015).

[267] Id. at 71,317.

[268] Id. at 71,321.

[269] Id. (citing United States ex. rel. Kosenske v. Carlisle HMA, 554 F.3d 88 (3d Cir. 2009)).

[270] Id. at 71,322.

[271] Id.

[272] Id. at 71,301.

[273] Id. at 71,308.

[274] Id. at 71,304.

[275] Id. at 71,308.

[276] Id. at 71,325.

[277] Id.

[278] Id. at 71,326.

[279] Council for Urological Interests v. Burwell, 790 F.3d 212, 214 (D.C. Cir. 2015).

[280] Id. at 223–25.

[281] Id. at 226.

[282] Id.at 225–26.

[283] Id. at 222–23.

[284] Id.

[285] Medicare Program; Revisions to Payment Policies Under the Physician Fee Schedule and Other Revisions to Part B for CY 2016, 80 Fed. Reg. 70,886, 71,332 (Nov. 16, 2015), https://www.gpo.gov/fdsys/pkg/FR-2015-11-16/pdf/2015-28005.pdf.

[286] United States ex rel. Drakeford v. Tuomey Healthcare System, Inc., 792 F.3d 364, 364 (4th Cir. 2015).

[287] Id. at 373.

[288] Id. at 381.

[289] Id. at 386.

[290] Id.

[291] Id. at 387.

[292] Id. at 389.

[293] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, United States Resolves $237 Million False Claims Act Judgment Against South Carolina Hospital that Made Illegal Payments to Referring Physicians (Oct. 16, 2015), http://www.justice.gov/opa/pr/united-states-resolves-237-million-false-claims-act-judgment-against-south-carolina-hospital.

[294] Id.

[295] Ctrs. for Medicare & Medicaid Servs., Fact Sheet: Two-Midnight Rule (Oct. 30, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-10-30-4.html.

[296] Id.

[297] Medicare Program; Reporting and Returning of Overpayments; Extension of Timeline for Publication of the Final Rule, 80 Fed. Reg. 8247 (Feb. 17, 2015).

[298] Reporting and Returning Overpayments, 81 Fed. Reg. 7653 (Feb. 12, 2016).

[299] Id.

[300]  Id.

[301] Id.

[302] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Pediatric Services of America and Related Entities to Pay $6.88 million to Resolve False Claims Act Allegations (Aug. 4, 2015), http://www.justice.gov/usao-sdga/pr/pediatric-services-america-and-related-entities-pay-688-million-resolve-false-claims.

[303] United States ex rel. Kane v. Healthfirst, Inc., No. 11-cv-2325 (ER), 2015 WL 4619686 (S.D.N.Y. Aug. 3, 2015)). 

[304] Id. at *15-16, *23 (emphasis added). 

[305] U.S. Dep’t of Health & Human Servs. Office of Inspector Gen., Part B Payments for 340B-Purchased Drugs, OEI-12-14-00030 (Nov. 2015), http://oig.hhs.gov/oei/reports/oei-12-14-00030.pdf.

[306] 340B Drug Pricing Program Omnibus Guidance, 80 Fed. Reg. 52300 (Aug. 28, 2015).  

[307] Id.  

[308] Pharm. Research & Mfrs. of Am. v. U.S. Dep’t of Health & Human Servs., 43 F. Supp. 3d 28, 42-45 (D.D.C. 2014).

[309] Pharm. Research & Mfrs. of Am. v. U.S. Dep’t of Health & Human Servs., No. 1:14-cv-01685, 2015 WL 5996374 (D.D.C. Oct. 14, 2015).

[310] Armstrong v. Exceptional Child Ctr., Inc., 135 S. Ct. 1378 (2015).

[311] Armstrong v. Exceptional Child Ctr., Inc., 135 S. Ct. 44 (2014) (granting certiorari on the question of whether Medicaid providers have a private right to enforce 42 U.S.C. § 1396a(30)(A)).

[312] 42 U.S.C. § 1396a(a)(30)(A).

[313] Exceptional Child Ctr., Inc. v. Armstrong, 567 F. App’x 496, 497 (9th Cir. 2014).

[314] Armstrong, 135 S. Ct. at 1384.

[315] Id. at 1385.

[316] Id.

[317] See, e.g., Fla. Pediatric Soc’y v. Dudek, No. 05-23037-CIV-JORDAN/O’SULLIVAN (S.D. Fla. Apr. 30, 2015) (order dismissing with prejudice plaintiff’s claim under 42 U.S.C. § 1396a(a)(3)(A)) (finding that claims premised on 42 U.S.C. § 1983 for violations of § 1396a(a)(8) and (a)(10), the reasonable promptness and medical assistance clauses, and 42 U.S.C. § 1396a(a)(43)(A), the Effective Outreach provision, survived the Supreme Court’s decision in Armstrong).

[318] Ctrs. for Medicare & Medicaid Servs., Inpatient Hospital Reviews, Hospital Appeals Settlement (June 1, 2015), https://www.cms.gov/Research-Statistics-Data-and-Systems/Monitoring-Programs/Medicare-FFS-Compliance-Programs/Medical-Review/InpatientHospitalReviews.html (last visited Jan. 15, 2016).

[319] Adirondack Med. Ctr. v. Burwell, 782 F.3d 707, 708-709 (D.C. Cir. 2015).

[320] Dist. Hosp. Partners, L.P. v. Burwell, 786 F.3d 46, 48 (D.C. Cir. 2015).

[321] Id. at 59-60.

[322] Anna Jacques Hosp., et al. v. Burwell, 797 F.3d 1155, 1157 (D.C. Cir. 2015).

[323] Press Release, U.S. Dep’t of Health & Human Servs., Better, Smarter, Healthier: In Historic Announcement, HHS Sets Clear Goals and Timeline for Shifting Medicare Reimbursements from Volume to Value (Jan. 26, 2015), http://www.hhs.gov/news/press/2015pres/01/20150126a.html.

[324] Id.

[325] Medicare Access and CHIP Reauthorization Act of 2015, Pub. L. No. 114-10, 129 Stat. 87 (2015).

[326] Id. at 161.

[327] Id. at 163.

[328] Id. at 162.

[329] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Finalizes Rules for Medicare Shared Savings Program (June 4, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-06-04.html. 

[330] Ctrs. for Medicare & Medicaid Servs., Next Generation ACO Model (Apr. 30, 2015), http://innovation.cms.gov/initiatives/Next-Generation-ACO-Model/ (last visited Jan. 15, 2016).

[331] Ctrs. for Medicare & Medicaid Servs., Fact Sheet: Pioneer ACO Model and Next Generation ACO Model: Comparison Across Key Design Elements (Apr. 28, 2015), http://innovation.cms.gov/Files/fact-sheet/nextgenaco-comparefactsheet.pdf.

[332] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Finalizes Rules for Medicare Shared Savings Program (June 4, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-06-04.html. 

[333] Id.

[334] Ctrs. for Medicare & Medicaid Servs., Fiscal Year 2016 Final Inpatient and Long-term Care Hospital Policy and Payment Changes (CMS-1632-F) (July 31, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-07-31-4.html.

[335] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, Final Fiscal Year 2016 Payment and Policy Changes for Medicare Skilled Nursing Facilities (July 30, 2015), https://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-07-30-2.html.

[336] Ctrs. for Medicare & Medicaid Servs., Fact Sheet, Medicaid and CHIP Managed Care Proposed Rule CMS-2390-P (May 26, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Fact-sheets/2015-Fact-sheets-items/2015-05-26.html. 

[337] Press Release, Ctrs. for Medicare & Medicaid Servs., CMS Releases First Ever Hospital Compare Star Ratings (Apr. 16, 2015), http://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2015-Press-releases-items/2015-04-16.html. 

The following Gibson Dunn lawyers assisted in preparing this client update:  Steve Payne, John Partridge, Jonathan Phillips, Kara Coen, Julia Reese, Arianna Scavetti, Audi Syarief, Vivek Gopalan, Eva Michaels, Alli Chapin, Yamini Grema, Naomi Takagi, Jared Greenberg, John Avila, Helen Avunjian, and Coreen Mao.    

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: 

Washington, D.C.
Stephen C. Payne, Co-Chair, FDA and Health Care Practice Group (202-887-3693, [email protected])
F. Joseph Warin (202-887-3609, [email protected])
Marian J. Lee (202-887-3732, [email protected])
Daniel P. Chung (202-887-3729, [email protected])
Jonathan M. Phillips (202-887-3546, [email protected])
Kara B. Coen (202-955-8535, [email protected])

Los Angeles
Kevin S. Rosen, Co-Chair, FDA and Health Care Practice Group (213-229-7635, [email protected])
Debra Wong Yang (213-229-7472, [email protected])

San Francisco
Charles J. Stevens (415-393-8391, [email protected])
Winston Y. Chan (415-393-8362, [email protected])

Orange County
Nicola T. Hanna (949-451-4270, [email protected])

New York
Alexander H. Southwell (212-351-3981, [email protected])

Denver
Robert C. Blume (303-298-5758, [email protected])
John D.W. Partridge (303-298-5931, [email protected])