Increased Investigation and Prosecution for Healthcare Fraud
With the passage of the Affordable Care Act, and increased focus on reducing health care costs, the United States Attorney General, and Attorney Generals for the various states, have made healthcare fraud investigation a top priority.
The United States Attorney for the Western District of Pennsylvania, David Hickton, recently announced his office’s increased emphasis on bringing action against those healthcare providers who intentionally or unintentionally fail to comply with state and federal regulations. The areas that will be the focus of the government’s increased interest include:
The targets of these healthcare fraud investigations include physicians, medical clinics, hospitals, nursing homes and assisted living facilities as well as durable medical equipment suppliers, home health agencies, community mental health centers and private insurance companies, among others.
DOJ scrutinizing cardiac devices
Implantable defibrillators are the focus of a broad-based DOJ initiative to make certain that patients in whom implantable defibrillators have been placed meet the Medicare requirements. Patients in whom these devices are implanted must have a history of arrhythmia that falls within the Medicare guidelines set forth in Medicare’s National Coverage Determination.
Perhaps because of the level of reimbursement to hospitals for such procedures, Recovery Audit Contractors (RACs) have identified implantation and interventional cardiology as a potentially fertile recovery source. Recovery Audit Contractors receive contingency payments for successful recoveries; and, hence, are most likely to pursue recoveries for expensive procedures first.
Business Associate E-mail Encryption
While most primary healthcare providers now are fully compliant with the HIPAA Security and Privacy Rule, the healthcare industry is faced with the extension of compliance responsibility to business associates. The new provisions mandate compliance and increase an organization’s need for clear, proactive management of sensitive information across all healthcare business relationships. Protected Health Information (PHI) transmitted electronically must be secured. Organizations can be fined up to $1.5 million for violating the rules protecting a patient’s privacy and State Attorneys General now have authority to enforce violations. Thus, requiring encryption by business associates must be considered where PHI is exchanged by e-mail, a medium that is inherently unsecure. A number of commercially available encryption products exist in the marketplace.
“Responsible” Corporate Officers May Still Be Excluded from Federal Healthcare Programs Even if They have no Actual Knowledge of the Company’s Wrongdoing”
The United States District Court for the District of Columbia ruled last month that evidence of a corporation’s alleged misbranding of a pain drug justified exclusion of corporate officers from participating in all federal healthcare programs for a period of twelve years. The Court rejected the corporate officers’ argument that their agreement in a related criminal prosecution to disgorge $34.5 million to the State Medicaid Fraud Control Program and an agreement on behalf of the corporation to pay $575 million, including $160 million in restitution, insulated the corporate officers from exclusion from the federal programs.
The court determined that the corporate officers’ position controls in the matter of exclusion. The fact that the corporate officers did not have actual knowledge of the misbranding, according to the court, did not relieve the corporate officers from liability. Their failure to exercise supervisory responsibility constituted a violation sufficient to uphold the sanction.
Friedman v. Sebelious, –F.Supp 2d–, 2010 WL5079937 (D.D.C.)
PA Superior Court provides no relief in civil cases
Those who seek to settle civil cases in which a Medicare Lien is present have attempted to adopt strategies to avoid the lengthy delays caused by the apparent inability of the Center for Medicaid Services (CMS) confirm the existence or satisfaction of their liens. In the recent case of Zaleppa v. Seiwell, the defendants and their insurance carrier attempted to protect themselves in paying a jury verdict.
Recognizing that the verdict or settlement payor is responsible under the Medicare Secondary Payor Act (MSPA) for protecting Medicare’s interests, the defendants tendered a check to the plaintiff, her attorneys and Medicare as payees. In exchange, they sought an Order indicating that the tender satisfied the verdict or, alternatively, sought authority to pay the verdict amount into Court, pending notification from Medicare that the Medicare lien was satisfied. The Superior Court refused to allow either alternative, holding that the MSPA is not designed to enable private parties to act on behalf of the United States Government. Hence, defendants, self-insurers or insurers, absent receipt of a final demand letter from CMS remain at risk if such liens are not satisfied. Practically speaking, if a Medicare lien is not satisfied, it is far more likely that the self-insured or the insurance carrier will be the target of CMS’ recovery efforts.
Writing a provision into the release that requires a final letter from CMS before settlement fund disbursement is the recommended approach. However, such provisions are even less likely to be accepted by plaintiff’s counsel than indemnification language obligating both plaintiff’s counsel and the plaintiff(s). Hence, plaintiff’s counsel should be advised early-on that a final demand letter from CMS will be required so that they may undertake the necessary measures to obtain the final letter well before settlement papers are drafted.
Unfortunately, the Pennsylvania Superior Court failed to endorse a procedure which, from the defense perspective, seemed to make perfect sense.