Global Investigations Review - The law and practice of international investigations

The Guide to Monitorships - Second Edition

13. The Healthcare Industry

WilmerHale

For 15 years, the Department of Justice (US DOJ) has used independent monitors to address compliance issues with companies accused of violations of healthcare fraud statutes and regulations. The breadth and dynamic nature of those statutes and regulations, the ever-changing structure for delivery of healthcare and the complexity of the operations of many of these companies present unique challenges to healthcare monitors. This chapter explores the history of healthcare monitorships and how they have worked in practice, with a focus on monitorships imposed by the US DOJ’s Criminal Division. The chapter takes you through the historical context, the legal context, enforcement actions and trends, unique challenges and predictions for the future.

The historical context

The US DOJ has prioritised healthcare fraud for almost three decades, starting with the then Attorney General Janet Reno in 1993.[2] A US DOJ report in 1997 referred to healthcare fraud as ‘the crime of the nineties’.[3] Throughout the 1990s, various government agencies underwent significant changes to meet the demand for increased healthcare enforcement. As one stark measure of this increased focus, the number of agents assigned by the Federal Bureau of Investigation (FBI) to look into healthcare fraud in the 1990s increased nearly fivefold – from 112 in 1992 to 500 in 1999.[4] The number of criminal healthcare fraud investigations increased nearly sixfold during the same period – from 520 to 3,000.[5]

Around the same time, Congress passed legislation that significantly shaped the landscape of healthcare enforcement, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA).[6] HIPAA is best known for providing privacy protections to patients but it also ‘federalized much of the law of healthcare fraud’.[7] For example, HIPAA required the establishment of the Health Care Fraud and Abuse Control Program (HCFAC), which was designed to coordinate law enforcement efforts with respect to healthcare fraud and abuse at federal, state and local levels.[8] The HCFAC operates under the joint direction of the Attorney General and the Secretary of the Department of Health and Human Services (HHS).[9] HIPAA not only fostered the establishment of the HCFAC but also helped secure funding for enforcement activities.[10] For example, HIPAA established a HCFAC account that provided US$104 million for anti-healthcare fraud activities in fiscal year 1997.[11] In contrast, US$279.5 million in mandatory funding was allocated to the account in fiscal year 2017, which was supplemented by an additional US$725 million in discretionary funding appropriated by Congress.[12] These funds provide further evidence of the US DOJ’s commitment to combating healthcare fraud.

The enforcement and legal context

Coordinated efforts

Healthcare enforcement today is the result of coordinated efforts by federal, state and local law enforcement agencies. At the federal level, groups such as the Health Care Fraud (HCF) Unit of the US DOJ’s Criminal Division, the joint HHS/US DOJ Healthcare Fraud Strike Forces (the Strike Forces), the Civil Frauds Branch of the US DOJ’s Civil Division, the US Attorneys’ Offices (USAOs), the FBI and the Office of Inspector General at the HHS (HHS-OIG) all work collaboratively to combat healthcare fraud. The HCF Unit comprises more than 75 prosecutors whose core mission is to prosecute healthcare fraud cases.[13] The unit works closely with the US DOJ’s 15 strike forces, some of which are located in specific cities across the United States (i.e., Miami, Florida; Los Angeles, California; and Detroit, Michigan) while others operate regionally (i.e., the Gulf Coast region and the Appalachian region).[14] Originally launched in 2007 and expanded in 2009 in the Health Care Fraud Prevention and Enforcement Action Team HEAT Initiative,[15] the strike forces aim to focus on the ‘worst offenders’ engaged in healthcare fraud in the ‘highest intensity regions’.[16] The strike forces employ a ‘cross-agency collaborative approach’, which combines resources from the FBI, the HHS-OIG, the Centers for Medicare and Medicaid Services (CMS) and other agencies, as well as the prosecutorial resources of USAOs.[17]

The USAOs have long played a major part in healthcare fraud enforcement. They bring criminal and affirmative civil cases to recover funds obtained through fraud, waste and abuse,[18] and litigate a variety of healthcare fraud matters, including false billings, overcharges by hospitals, Medicaid fraud, kickbacks, pharmaceutical and medical device fraud, and home health and hospice fraud. Each USAO also has designated criminal and civil healthcare fraud coordinators who work with external agencies and trial attorneys, which further evidences the US DOJ’s commitment to healthcare enforcement.[19] Not surprisingly, all but one healthcare monitorship imposed through a non-prosecution agreement (NPA) or deferred prosecution agreement (DPA) resulted from a USAO-led investigation.[20]

Finally, the Civil Frauds Branch of the US DOJ’s Civil Division leads civil enforcement of the Claims Act nationally and has a key role in healthcare fraud enforcement nationwide.

Criminal statutes

The Criminal Division charges a variety of different crimes in healthcare fraud cases, such as:

  • general healthcare fraud;[21]
  • Anti-Kickback Statute (AKS) violations;[22]
  • theft or embezzlement in connection with healthcare;[23]
  • unlawful use of health information;[24] and
  • Food, Drug, and Cosmetic Act violations.[25]

The underlying misconduct that leads to these violations differs, but the common fraudulent activities include billing for no-show appointments, submitting claims for services at higher complexity levels or reimbursement levels than provided or documented, billing for services not furnished, and providing anything of value in exchange for referrals (i.e., kickbacks).

Civil statutes

Civil statutes also play a major part in protecting the government from healthcare fraud. The False Claims Act (FCA) and the Stark Law are two key civil statutes used to combat healthcare fraud. The FCA imposes liability on any person who knowingly submits a false claim seeking government funds.[26] Both the US DOJ and private citizens, known as ‘relators’, are allowed to bring actions on behalf of the United States asserting FCA violations.

The Stark Law, with the Stark Regulations,[27] imposes prohibitions on physician referrals and billing where certain financial relationships exist involving physicians or physicians’ immediate family members.[28] The Stark Law is discussed further in the ‘Unique aspects of healthcare monitorships’ section, below, which details some of the unique challenges in healthcare monitorships.

Enforcement actions and trends

The rise of monitorships in the early 2000s

In the early 2000s, corporate scandals, such as WorldCom and Enron, led to an increased focus on corporate misconduct, including healthcare fraud. For example, in 2000, the US DOJ entered into what was then the largest government fraud settlement in US history – a plea agreement resolving healthcare fraud allegations. The plea agreement was between the US DOJ and HCA – The Healthcare Company (HCA), which was the nation’s largest hospital chain at the time.[29] The agreement resolved allegations that, among other things, HCA engaged in fraudulent Medicare billing and paid kickbacks and other remuneration to doctors to induce referrals.[30] HCA agreed to pay US$745 million to the government, but the total penalty was increased over a number of years through various additional agreements.[31] This was followed by numerous high-value criminal and civil settlements involving kickbacks, poor manufacturing practices and illegal off-label promotion of pharmaceutical products.[32]

By the early 2000s, the US DOJ was also more frequently entering into NPAs and DPAs, which provided useful vehicles for requiring defendant companies to strengthen their compliance programmes and systems through the retention of monitors for the life of the agreement.[33] Between 2002 and 2005, the US DOJ entered into twice as many NPAs and DPAs as it had during the previous 10 years combined.[34] In 2005, the US Attorney’s Office for the District of New Jersey executed what is probably the first DPA to impose a monitor for healthcare fraud violations – a DPA with the University of Medicine and Dentistry of New Jersey (UMDNJ) that resolved allegations of double-billing Medicaid.[35] The government alleged that UMDNJ’s University Hospital submitted claims to Medicaid for outpatient physician services that were also being billed by doctors working in the hospital’s outpatient centres.[36] In addition to full reimbursement of Medicaid,[37] the DPA imposed a term of two years, with a monitor imposed for the full term.

The US attorney who led the UMDNJ investigation later suggested a rationale for the monitorship: ‘It would be highly irresponsible to allow a corporation whose prosecution is being deferred to go unsupervised during the deferral period.’[38] For several years subsequently, the US DOJ imposed monitors as a part of some, but not all, NPAs and DPAs. Some viewed the US DOJ’s monitorship decisions as ‘unpredictable’ and ‘inconsistent’.[39] In fact, congressional leaders called for greater transparency in the monitor selection process, hoping to ensure greater consistency in NPAs and DPAs.[40] The US DOJ responded by publishing general guidelines for monitor selections, such as the 2008 Morford Memorandum,[41] named after its author, the then Acting Deputy Attorney General Craig Morford. As discussed elsewhere in this book, the memo instructed prosecutors to ‘be mindful’ of two broad considerations: ‘the potential benefits that employing a monitor may have for the corporation and the public’ and ‘the cost of a monitor and its impact on the operations of the corporation’.[42] The 2018 Benczkowski Memorandum, also discussed in other chapters as well as in the ‘Predictions for the future’ section, below, supplemented the Morford Memorandum.

Recent healthcare monitorships

Since 2005, the US DOJ has imposed monitorships in at least 12 NPAs or DPAs resulting from violations of healthcare laws.[43] Some of the most notable resolutions in which a monitor was imposed include:

  • the 2007 settlements with DePuy Orthopedic, Inc, Smith & Nephew, Inc, Zimmer Holdings, Biomet and Stryker (resolving allegations of kickback conspiracies through DPAs and NPAs, imposing 18-month monitorships on each company);[44]
  • the 2009 settlement with WellCare Health Plans, Inc (resolving allegations of fraudulent billing through a three-year DPA, imposing an 18-month monitorship);[45]
  • the 2010 settlement with Wright Medical Technology, Inc (resolving allegations of kickbacks through a DPA, imposing a 12-month monitorship);[46]
  • the 2010 settlement with Exactech, Inc (resolving allegations of kickbacks through a DPA, imposing an 18-month monitorship);[47]
  • the 2011 settlement with Maxim Healthcare Services, Inc (resolving allegations of fraudulent billing through a DPA, imposing a two-year monitorship);[48]
  • the 2016 settlement with Olympus Corporation of the Americas (resolving kickback allegations through a DPA, imposing a three-year monitorship);[49] and
  • the 2016 settlement with Tenet HealthSystem Medical, Inc (resolving kickback violations through an NPA, imposing a three-year monitorship).[50]

Ten of the healthcare monitorships imposed since 2005 stemmed from investigations by the USAO for the District of New Jersey. Five of the NPAs or DPAs related to a conspiracy to pay kickbacks in the hip and knee industry. Another seven related to other kickback allegations and billing fraud. Most of these monitorships were for terms of 18 to 24 months. Three-year terms have been imposed only twice in the past 15 years, in resolutions with Olympus Corporation of the Americas and Tenet HealthSystem Medical, Inc. The defendants subject to the monitorships during this period have included hospital systems, home healthcare providers, medical technology companies and medical equipment distributors.[51]

Each of the monitorship agreements sets forth the duties and responsibilities of the monitor, generally to assess, oversee and monitor the company’s compliance programme to reduce the risk of repeat violations of the healthcare laws. In fulfilment of those duties and responsibilities, monitors use guidance from both the US DOJ and the HHS-OIG[52] on effective compliance programmes, structuring their review to assess elements such as analysis and remediation of underlying misconduct, compliance department autonomy and resources, training and communications, policies and procedures, and audit and monitoring. In some cases, monitors may be required to review employment practices and make recommendations regarding the hiring or firing of senior management and other relevant personnel. The monitor provides periodic reports of its findings and recommendations to the US DOJ and the company, and monitors the implementation of earlier recommendations. Typically, the monitored company is required to implement its monitor’s recommendations or explain to the US DOJ why it has declined to do so. Accordingly, the monitor must also assess whether recommendations from an earlier monitor period were successfully implemented within the organisation before the monitorship comes to a close.

Corporate integrity agreements

Companies that avoid a monitor as a part of their criminal resolutions are not necessarily in the clear when it comes to government oversight relating to compliance systems. The HHS-OIG commonly imposes separate civil agreements in healthcare enforcement actions, including corporate integrity agreements (CIAs). The first CIA was executed by the HHS-OIG in the mid 1990s.[53] CIAs have been entered into by hospitals and health systems, physician practices, long-term care facilities, such as skilled nursing facilities, life science companies, including medical device manufacturers, pharmaceutical companies and durable medical equipment suppliers, ambulance companies, laboratories, and rehabilitation and therapy providers, such as wound care.

Similar in certain respects to monitorships, CIAs usually impose oversight by independent review organisations (IROs). In contrast to a monitorship, a CIA is agency-enforced. CIAs are usually more detailed and prescriptive than monitorship agreements. For example, CIAs usually require IROs to conduct specific claims reviews, such as the review of 50 randomly selected claims.[54] CIAs also require IROs to employ individuals with specific credentials to assist with the monitoring, including ‘individuals who have a nationally recognized coding certification to conduct the coding portion’ of the IRO’s review.[55] Stipulated penalties are enforced for failure to comply with CIA obligations, and an entity’s non-compliance can result in exclusion.[56]

For example, in September 2019, the HHS-OIG executed a five-year CIA with Avanir Pharmaceuticals, Inc. as part of a settlement to resolve allegations that Avanir paid kickbacks to a physician to induce prescriptions of its drug Nuedexta.[57] The CIA spans more than 60 pages and includes staffing requirements (e.g., Avanir must hire a compliance officer and appoint a compliance committee), training and education requirements (e.g., Avanir must provide annual compliance training for a subset of employees), and policy-development requirements (e.g., Avanir must ‘develop and implement a centralized annual risk assessment and mitigation plan process’).[58] Should Avanir fail to comply with these requirements, it is potentially subject to an escalating series of financial penalties.

Unique aspects of healthcare monitorships

Healthcare monitors perform the same general compliance monitoring and reporting duties as monitors in other contexts, but also face unique challenges relating to:

  • the complex and dynamic nature of healthcare fraud;
  • reporting requirements;
  • corporate structure and governance;
  • conduct of the monitorship;
  • complicated accounting and financial assessments; and
  • constantly changing modes of healthcare delivery.

The complexity of healthcare fraud

Healthcare fraud is complex for a number of reasons. First, under healthcare’s traditional fee-for-service model, whereby providers (e.g., physicians, physician groups, hospitals) are compensated per unit of health service provided,[59] there are numerous steps in the provision of and payment for those services and, thus, numerous ways to commit fraud. To name a few, providers can bill for:

  • more expensive services than were actually provided or performed (known as upcoding);[60]
  • each step of a procedure as if it were a separate procedure (known as unbundling);[61] or
  • the same service more than once (known as double-billing).

Healthcare monitors must not only be familiar with these fraudulent practices but they must also anticipate new ways in which healthcare fraud may occur in the future.

Second, pharmaceuticals and device manufacturing companies present unique compliance challenges because their primary goal is to sell a product.[62] Employees at manufacturing companies often receive mixed messages from company leaders – they attend compliance training sessions about the importance of integrity in business dealings, then attend a sales meeting in which pressure is put on them to increase sales. Under these circumstances, monitors must remediate healthcare fraud under a profit-driven model. Monitors must scrutinise a company’s business plans and place emphasis on strengthening the company’s ‘tone at the top’ and ‘conduct at the top’.[63] Considering compliance as part of an employee’s performance evaluation or compensation structure is particularly important in these cases. Employees should know that they will be rewarded for doing business the right way in a compliant fashion, not just for profitability.

Third, the multiple parties involved in the delivery of healthcare services and products enter into agreements that can run afoul of the law; for example, by providing something of value in exchange for referrals of patients or customers (known as kickbacks). The AKS makes it a felony to knowingly and wilfully solicit, receive, offer or pay anything of value in exchange for the referral of federal healthcare programme business.[64] The term ‘anything of value’ is construed broadly and includes, among other things, gifts, discounts and free space.[65]

There are more than 30 safe harbours to the AKS, which scale back the broad prohibitions of the statute and simultaneously complicate it.[66] Take, for example, an analysis of physician compensation, one of the most significant AKS risks. Payments to physician employees of a hospital could constitute remuneration intended to induce the employees to recommend programme-related goods or services. The Bona Fide Employment Exception safe harbour, however, generally protects compensation arrangements between hospitals and hospital-affiliated physician practices. The exception covers any amount paid by an employer to a physician (or immediate family member) who has a bona fide employment relationship with the employer if certain enumerated conditions are met.

Further, kickbacks encompass more than cash exchanges, gifts or traceable wire transfers. At first, a kickback can appear as something completely innocuous, such as a job promotion, a directorship agreement, office space rented at below the fair market value, a teaching agreement, an on-call agreement or a consulting agreement. These are items of value and there is the potential that they might be provided unlawfully in exchange for referrals. Accordingly, monitors should look beyond the traditional assessments of whether an agreement is in writing and that payments match invoices. They must review fair market value of the compensation, the totality of the physician’s job positions, roles and responsibilities, and the physician’s volume of referrals to the hospital. Monitors should assess whether and how physician-specific volume data is generated, who has access to that data and for what purposes. The number and variation of relationships that could give rise to a kickback, as reflected in the many AKS safe harbours, complicate the work of the healthcare monitor.

Not only must healthcare monitors develop expertise on applicable healthcare laws to provide meaningful recommendations for mitigating compliance risks, they must be prepared for constant change. For example, on 25 June 2018, the HHS announced a Regulatory Sprint to Coordinated Care, led by Deputy Secretary Eric Hargan.[67] The initiative is designed to remove ‘unnecessary government obstacles to care coordination’.[68] The plan involves:

identifying regulatory requirements or prohibitions that may act as barriers to coordinated care, assessing whether those regulatory provisions are unnecessary obstacles to coordinated care, and issuing guidance or revising regulations to address such obstacles and, as appropriate, encouraging and incentivizing coordinated care.[69]

On 30 January 2019, Deputy Secretary Hargan announced that the HHS was close to finalising new healthcare fraud reforms relating to this initiative but he did not reveal the details of those reforms.[70] Additionally, the HHS-OIG issued a Request for Information seeking input, among other things, to help ‘identify ways in which it might modify or add new safe harbors to the’ AKS in August 2018.[71] Providers will respond, as they must, to these regulatory changes, and so too must monitors. In short, healthcare monitors must manage the ever-changing nature of healthcare fraud laws and regulations.

Reporting requirements

NPAs and DPAs involving a monitor typically include reporting requirements for the company and for the monitor. Reporting requirements vary by agreement. Most are very broad, requiring the reporting of ‘any credible evidence of criminal conduct or serious wrongdoing by, or criminal investigations of, the Company, its officers, directors, employees and agents, of any type that become known to the Company after the Effective Date’.[72] Others are more narrow, requiring the reporting ‘of evidence or allegations of actual or potential violations of the [AKS]’.[73] Both approaches can prove challenging.

In the case of broad reporting requirements, the company risks over-reporting, which can be detrimental. It can consume so many resources to identify, report and investigate that larger issues cannot receive the attention they demand. Narrow reporting requirements, on the other hand, can be ill-defined, which can lead to inconsistent reporting. It is vital for companies and monitors to understand the relevant reporting requirements because a failure to report may result in a breach of the agreement and subsequent extension of the monitorship. In addition, failures to report may deprive the monitor of critical information to investigate potential compliance system weaknesses and may deprive the US DOJ of information it needs both for enforcement purposes and to inform its prioritisation of future monitor reports. As such, companies should have candid and frequent conversations with the US DOJ and the monitor to delineate reporting requirements clearly early on and to foster a reporting process that is driven by a compliance focus rather than a legal focus. Fundamentally, monitors and companies must approach their reporting obligations with a determination to identify circumstances of concern and report them quickly and with transparency.

The Stark Law provides a specific example of the complexity of reporting requirements in a monitorship focused on the AKS. The Stark Law prohibits a physician from referring a patient to an entity for the provision of designated health services if the physician or a member of the physician’s immediate family has a financial relationship with that entity.[74] Additionally, the Stark Law prohibits entities from billing for designated health services furnished pursuant to a prohibited referral.[75] Like the AKS, the Stark Law has its exceptions[76] but, unlike the AKS, it is a civil statute that does not have an intent requirement. The Stark Law is a strict liability statute.

Because the Stark Law is civil, the AKS-focused monitorships have not required the reporting of Stark Law violations. However, Stark Law violations can give rise to ‘evidence’ of an AKS violation, which is reportable. For example, the provision of services without a contract potentially violates the Stark Law but, without intent, there is no AKS violation. The provision of services without a contract for a lengthy period, however, might suggest the absence of a contract is intentional, which may stem from an intent to induce referrals. The interplay between the AKS and the Stark Law is nuanced and complicates a monitor’s role in ensuring a company meets its reporting obligations.

Finally, NPAs, DPAs and associated monitorship agreements also impose reporting requirements directly on the monitors, and the complexity of healthcare fraud statutes and regulations and the potential implications for patient safety can introduce complications for the monitor. First, some reporting obligations arise from potential violations of the full range of healthcare fraud laws. That presents a challenge where those laws stretch beyond the particular focus of the monitorship. Moreover, in some instances, the US DOJ requires the monitor to report potential misconduct solely to the US DOJ and not to the company being monitored. This reporting requirement often relates to misconduct that presents an elevated risk to the public. This requires the monitor to make judgements not only on potential legal and compliance policy violations, but also on public safety risks.

Corporate structure and governance

Understanding the corporate structure and governance of an organisation is essential to making well-informed compliance recommendations. Healthcare providers and supplier networks are often comprised of several different types of facilities. Adding to the complexity, facilities are often spread out geographically, spanning several states and, in some instances, several countries. The decentralised nature of these companies makes it difficult to assess whether a compliance programme is appropriately resourced and structured. Some of the critical questions are:

  • How many compliance coordinators and leaders should be placed at each facility?
  • How many layers of oversight should there be between front-line employees and headquarters?
  • How does the organisation foster consistency in compliance across different business or sales units?
  • How should compliance responsibilities be divided?
  • What is the appropriate amount of resources for the proposed compliance model?

The more complex the organisation, the more difficult it is to answer these questions.

Healthcare monitors are expected to be familiar with how a compliance programme works at all levels of a company, starting with its board of directors (the Board). The Board sets the compliance ‘tone at the top’, including through its allocation of resources, receipt of direct reports from the compliance department, and its prompt and effective handling of compliance weaknesses and failures. The Board can also provide information about company benchmarks, plans for future acquisitions and dissolutions, and plans for keeping up with an ever-changing regulatory landscape. Board engagement is a critical component of any successful monitorship. Monitors should confer with members of the Board early on and remain in contact throughout the monitorship. If possible, monitors should also attend Board meetings and review Board materials to foster transparency and open lines of communication. Monitor attendance at Board committees entrusted with compliance and ethics, and related functions such as audit, may be a critical way to gain insights.

Conduct of monitorship

The conduct of a monitorship in this area, as in others, demands significant interaction with a company’s compliance department. The relationship between the monitor team and the compliance department should be a mutually supportive one. After all, achieving the best possible compliance programme and systems for the company is the central mission of both the monitor and the compliance department. And compliance department leadership and personnel are often the best sources of information for the monitor. At the same time, it is important for the monitor to remain independent of the compliance department and bring independent judgement to assessing the information and activities presented by the compliance department.

The thorough assessment of a company’s compliance system requires a number of key steps. The monitor must review compliance resources to determine whether they are adequate, appropriately distributed in the field, sufficiently independent, and influential with management at the facility, headquarters and executive levels. The monitor should conduct similar reviews of the legal department, audit department and other functional areas key to the compliance programme. The monitor should assess the compliance programme ‘on paper’ – for example, the adequacy of compliance policies, risk assessments, structures, procedures and training. However, it is even more critical for the monitor to assess how the programme works in practice. That requires field visits to organisations that are decentralised and witness interviews of not only executive, compliance and legal personnel, but also operational personnel whose conduct is at the centre of the compliance risk.

In many respects, the nuts and bolts of the monitor’s work are similar to those of an internal investigation conducted by company counsel – thorough collection and review of documents (including email) and witness interviews. However, the independence of the monitor – the monitor is a lawyer but the company is not the client – introduces differences from a typical investigation by counsel. For example, the involvement of the company’s legal department in transactions of interest to the monitor may require the monitor to request that the company waive privilege for those transactions. Given the sensitivity of waivers, including the possibility that the company may face third-party requests for waived materials in the context of litigation, it is best for the monitor to request waivers only where necessary and craft the waiver requests as narrowly as possible. Moreover, Upjohn warnings[77] at the outset of witness interviews are not appropriate for monitor interviews because the monitor is not company counsel and the interviews are not covered by the attorney–client privilege. However, it is appropriate to request that an interviewee does not discuss the interview with others, so as to encourage independent views of subsequent interviewees. In addition, it is important for the monitor to emphasise with interviewees that the purpose of the monitorship is to improve the company’s compliance and that they should be candid with the monitor even when they have criticisms to share. Offering confidentiality to the interviewee (although there may be circumstances – for example, a subpoena – in which the monitor would have to share the information with others) can help to foster candour.

Another key component of a monitorship is testing. Whether the relevant legal issues involve the accuracy of coding and billing, or agreements with referral sources that involve AKS risk, it is critical that the monitor sample relevant transactions for compliance with company policy and the law. The sample size (and distribution across a decentralised enterprise) and the substance of the testing must be adequate to satisfy the monitor that he or she will uncover any significant or systemic problems. The monitor should consider partnering with a forensic accounting expert in the area to assist with the sampling and testing.

There are a number of challenges for healthcare monitors, beginning with frequent corporate transactions. For example, a health system may acquire stand-alone hospitals or even an entire hospital network, consisting of dozens of hospitals or other facilities. Inevitably, some employees at the newly acquired facilities may leave the company or refuse to adapt to change. When an acquisition increases the geographical reach of an organisation, it may become difficult for company leaders, including the compliance and legal departments, to maintain an effective presence on the ground, which may embolden employees to ignore compliance guidance. Monitors are expected to assess their recommendations in light of how an acquisition (or dissolution) affects the company’s compliance system, both to assist in the development of a new system that works given the current state of the company and is sufficiently durable to accommodate future changes.

In addition, the healthcare field has the second highest turnover rate in the country – second only to hospitality.[78] High turnover on the Board and at executive levels can present challenges with the organisation’s management of change, such as a lack of ownership regarding compliance issues and a lack of commitment to long-term compliance goals. High turnover in middle management and at the facility level also presents compliance challenges and risks. Monitors should consider conducting exit interviews with key departing employees to assess compliance risks and develop recommendations for dealing with change management.

Finally, the US DOJ has repeatedly and consistently emphasised the need for a strong compliance culture, noting that positive ‘change[] in corporate culture’ is a key consideration when deciding whether to impose a monitor.[79] That culture should exist at every level within the company, from individual facilities, through market or regional management, to corporate executives and the Board. Monitors assess culture through interviews with personnel at each level, detailed assessment of operations on the ground through field visits, and ethics and compliance surveys. Those surveys provide useful snapshots of the culture at different levels within an organisation and can help to guide both the company’s compliance department and the monitor in terms of areas of future focus. In addition, repeating the survey, even after the completion of the monitorship, can provide company management with invaluable trending data on how well the company is developing its culture of compliance.

Complicated accounting and financial assessments

Internal audit functions and accounting practices have a critical role in detecting compliance issues, especially with respect to improper billing or kickbacks. As noted earlier in the chapter, healthcare fraud schemes are varied in nature and often are not easily detected in a company’s documentation, books and records. Yet, drilling down into those details can be an invaluable tool for uncovering and correcting flaws in the company’s compliance programme. Payment documentation, such as ledgers, invoices, pay cheques and other financial records must be examined by someone who understands, in detail, healthcare accounting and billing. Monitors often engage forensic accountants with healthcare billing and valuation experience to help identify and remediate compliance risks in the billing and kickback areas. The accountants can help to test arrangements with referrals sources, review leases, provide recommendations for audit practices, and use predictive analysis to help identify compliance issues before they occur. Healthcare monitors are not alone in turning to experts for assistance; however, there is no question that the transactions that raise compliance risks in this area are of a particularly high degree of complexity and breadth.

Evolving modes of healthcare delivery

Healthcare monitors must also be familiar with the different compliance risks presented by evolving modes of delivery of healthcare services and products. For example, healthcare networks sometimes comprise a variety of facilities, including traditional acute care hospitals, but also newer ambulatory centres, short-stay hospitals and urgent-care centres. Each type of facility presents a different risk profile. Acute care hospitals have dozens or even hundreds of agreements with referral sources, each presenting the risk that the network is paying the physician or other referral source to obtain referrals to the network in violation of the AKS or the Stark Law. Ambulatory surgery centres and some surgical hospitals may be owned jointly by physicians and the healthcare network. This presents an entirely different and potentially serious set of compliance risks for the monitor to evaluate, namely that the network is conditioning physician ownership on the volume or value of referrals to the facility in which the network has a financial interest.[80] These sorts of nuances permeate the US healthcare system and, given the importance of healthcare in the political debate, more changes in healthcare delivery are inevitable. This will only further complicate the work of healthcare monitors.

Predictions for the future

The US DOJ’s priorities in the past few years have remained focused on healthcare fraud, but there may be a cooling of interest in monitorships in this area.

First, the US DOJ has moved and, if its public statements are any indication, will probably continue to move, towards greater individual accountability. Historically, the US DOJ placed greater emphasis on prosecuting organisations than on holding individuals responsible for the misconduct that led to the violations. More recently, however, the US DOJ has increased its focus on individuals, with the understanding that individual accountability may lead to greater deterrence.[81] In 2017, Deputy Attorney General Rod Rosenstein observed that high corporate fines ‘do not necessarily directly deter individual wrongdoers’ because ‘at the level of each individual decision-maker, the deterrent effect of a potential corporate penalty is muted and diffused’.[82] Thus, he made clear the US DOJ’s continuing commitment to hold individuals accountable for corporate wrongdoing. In August 2018, the US DOJ’s Health Care Fraud Unit (HCF Unit) Chief Joseph Beemsterboer noted that the HCF Unit and the USAOs are ‘tackling . . . really bad professionals and doctors. . . . For the Health Care Fraud Unit, the focus is on individuals’.[83] And in December 2019, Assistant Attorney General Brian Benczkowski asserted that the US DOJ was dedicated to ‘holding individual wrongdoers accountable across the board’.[84]

The number of healthcare fraud-related agreements entered into by the US DOJ reflects the shift in priorities:

  • 2016: two DPAs and three NPAs;[85]
  • 2017: three DPAs and one NPA;[86]
  • 2018: one NPA, with Health Management Associates, LLC (HMA);[87] and
  • 2019, one DPA and one NPA.[88]

At the same time, there has been a significant increase in individual enforcement actions. For example, as compared to 2017, in 2018 the HCF Unit had a 56 per cent increase in opioid defendants and a 40 per cent increase in the number of individuals charged.[89] In 2019, the number of individuals charged by the HCF Unit was 10 per cent higher than in 2018.[90] Further, the US DOJ announced two record-breaking recoveries against individuals. In July 2017, the largest healthcare fraud enforcement action up to that date was taken by the Medicare Fraud Strike Force against 412 individuals in 41 districts involving US$1.3 billion in alleged fraud.[91] Charges included medically unnecessary treatments, treatments that were never provided and kickbacks.[92] Many of the charges focused on opioid prescriptions and distribution.[93] In June 2018, the US DOJ broke that record when it announced charges against 601 individuals in 58 districts involving more than US$2 billion in alleged fraud.[94]

In addition to illustrating the US DOJ’s emphasis on pursuing enforcement actions against individuals, the large-scale 2017 and 2018 fraud enforcement actions described above are also representative of the Department’s efforts to address the United States’ prescription opioid epidemic. In the 2017 enforcement action, for instance, the US DOJ noted that many of the 412 defendants included ‘medical professionals involved in the unlawful distribution of opioids’, a group described as a ‘particular focus for the Department’.[95] The US DOJ repeated that language with respect to its 600-person enforcement action in 2018[96] and in 2019, the Department settled a series of fraud cases with opioid manufacturers and distributors.

The US DOJ has also refined its approach to corporate monitors. In October 2018, Assistant Attorney General (AAG) Brian Benczkowski issued new guidance regarding the decision whether to require a corporate monitor and the selection process in Criminal Division matters (the Benczkowski Memorandum).[97] AAG Benczkowski said the memo is intended to ‘further refine the factors that go into the determination of whether a monitor is needed, as well as [to] clarify and refine the monitor selection process’.[98] When a monitorship is needed, the financial costs of the monitorship are a central consideration – in other words, US DOJ attorneys should consider whether a monitorship’s scope is tailored narrowly ‘to avoid unnecessary burdens to the business’s operations’.[99] In 2019, Deputy Assistant Attorney General Matthew Miner offered some additional colour on this guidance, noting that ‘[n]ot surprisingly, the state of a company’s compliance program’ would play a ‘significant role’ in the decision as to whether to impose a monitor.[100] He further noted that the Criminal Division’s ‘bottom line standard’ under the guidance was that a monitor should only be imposed ‘where there is a demonstrated need for, and clear benefit to be derived from, a monitorship relative to the projected costs and burdens’.[101] In other words, he continued ‘[w]here a corporation’s compliance program and controls are demonstrated to be effective and appropriately resourced at the time of resolution, a monitor will usually not be necessary’.[102]

The September 2018 settlement of a criminal investigation involving HMA is a good example of the US DOJ’s current views of monitorships.[103] The government alleged that HMA, among others:

  • knowingly billed federal healthcare programmes for inpatient services that should have been billed as outpatient or observation services;
  • paid remuneration to physicians in return for patient referrals; and
  • submitted inflated claims for emergency department facility fees.

Although HMA entered into a three-year NPA with the US DOJ, the Department noted that a compliance monitor was not necessary given ‘HMA and HMA Parent’s remediation and the state of their compliance program, the CIA between HHS-OIG and HMA Parent, and their agreement to’ self-report compliance issues.[104]

Conclusion

Twenty years after the US DOJ described healthcare fraud as ‘the crime of the nineties’, it remains a top priority for the Department. Although the US DOJ has refined its approach to monitorships in corporate healthcare cases, we have surely not seen the end of monitors in this area. Indeed, the Department’s renewed emphasis on the importance of effective compliance systems, and seemingly reduced emphasis on imposing massive punishments on corporate defendants, could lead to greater emphasis on remediation, including monitorships, that help to build effective compliance moving forward rather than the imposition of record-breaking fines. There is too much federal money in the healthcare system, too much risk of fraud and too much room for improvement in the commitment to compliance in some organisations. Healthcare monitors will undoubtedly continue to face a number of compliance challenges from highly complex laws and regulations, ever-changing corporate structures and healthcare delivery modes, and high degrees of sophistication and variation in the manner in which fraud is perpetrated on the system.


Footnotes

1 David Ogden and Ronald Machen, partners at WilmerHale, are co-monitors in a healthcare fraud monitorship led by the US Department of Justice’s Criminal Division. Stephen Jonas, a WilmerHale partner, Ericka Aiken, a WilmerHale counsel, and James D Barton, a WilmerHale senior associate, are members of that co-monitor team.

2 US Department of Justice [US DOJ] Health Care Fraud Report Fiscal Years 1995 & 1996 (October 1997), at https://www.justice.gov/archives/opa/us-department-justice-heatlh-care-fraud-report-fiscal-years-1995-1996.

3 id.

4 Salinger, Lawrence M, Encyclopedia of White-Collar & Corporate Crime, Vol. 1, at 394 (2005).

5 id.

6 See Pub. L. No. 104-191, 5701 110 Stat. 1936 (1996).

7 Hyman, David, ‘HIPAA and Health Care Fraud: An Empirical Perspective’, Cato Journal, Vol. 22, No. 1, at 155 (2002), https://pdfs.semanticscholar.org/98ff/f0f837ae669cdbad7c1ed5d8010e541635e0.pdf.

8 US Department of Health and Human Services, Office of Inspector General [HHS-OIG], ‘Health Care Fraud and Abuse Control Program Report’, at https://oig.hhs.gov/reports-and-publications/hcfac/index.asp.

9 id.

10 HHS-OIG, ‘Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2017’ (April 2018), at https://oig.hhs.gov/publications/docs/hcfac/FY2017-hcfac.pdf.

11 US Gov’t Accountability Office, GAO 11-446, ‘Health Care Fraud and Abuse Control Program: Improvements Needed in Controls over Reporting Deposits and Expenditures’ (2011), at https://www.gao.gov/assets/320/318299.html. A portion of these funds are to be used only for activities of the HHS-OIG, with respect to the Medicare and Medicaid programmes. For example, Health Care Fraud and Abuse Control Program appropriations supported more than 66 per cent of the US DOJ’s healthcare fraud funding and more than 75 per cent of HHS-OIG’s appropriated budget for FY 2017 (footnote 10, above).

12 HHS-OIG Report (footnote 10, above), at 3.

13 US DOJ, Fraud Section, ‘Year in Review’ 2019 (January 2020), at https://www.justice.gov/criminal-fraud/file/1245236/download.

15 Eric Holder, Attorney General, US DOJ, Remarks at the HEAT Press Conference on Detroit Takedown (29 June 2009), at https://www.justice.gov/opa/speech/attorney-general-eric-holder-heat-press-conference-detroit-takedown.

16 id.

17 id.

18 HHS-OIG Report (footnote 10, above), at 72.

19 id.

20 See ‘Enforcement actions and trends’ section, below.

21 18 U.S.C. Section 1347.

22 42 U.S.C. Section 1320a-7b(b).

23 18 U.S.C. Section 669.

24 42 U.S.C. Section 1320d-6.

25 21 U.S.C. Section 301 et seq. Food, Drug, and Cosmetic Act violations include off-label marketing, Good Manufacturing Practice violations and manufactured compound drugs.

26 See 31 U.S.C. Section 3729 et seq.

27 From 1991 to 1998, the Centers for Medicare and Medicaid Services (CMS) (formerly the Health Care Financing Administration) implemented a series of regulations [the Stark Regulations] to provide further guidance on the Stark Law. The Stark Regulations were codified as 42 C.F.R. Sections 411.350 to 411.389.

28 42 U.S.C. Section 1395nn(a)(1)(A).

29 US DOJ, Press release, ‘Largest Government Fraud Settlement in U.S. History’ (December 2000), at https://www.justice.gov/archive/opa/pr/2000/December/696civcrm.htm. One of the authors led the Civil Division as the Assistant Attorney General at the time the US DOJ reached this settlement with HCA.

30 id.

31 US DOJ, Press release December 2000 (footnote 29, above); see also US DOJ, Press release, ‘Largest Health Care Fraud Case in U.S. History Settled HCA Investigation Nets Record Total of $1.7 Billion’ (26 June 2003), at https://www.justice.gov/archive/opa/pr/2003/June/03_civ_386.htm; see also HCA, 2003 Annual Report, at 17, at http://media.corporate-ir.net/media_files/irol/63/63489/pdfs/2003ar.pdf.

32 e.g., US DOJ, Press release, ‘TAP Pharmaceutical Products Inc. and Seven Others Charged with Health Care Crimes; Company Agrees to Pay $875 Million to Settle Charges’ (3 October 2001), at https://www.justice.gov/archive/opa/pr/2001/October/513civ.htm; Peterson, Melody, ‘Drug Maker to Pay $500 Million Fine for Factory Lapses’, The New York Times (18 May 2002), at https://www.nytimes.com/2002/05/18/business/drug-maker-to-pay-500-million-fine-for-factory-lapses.html; US DOJ, Press release, ‘Serono to Pay $704 Million for the Illegal Marketing of Aids Drug’ (17 October 2005), at https://www.justice.gov/archive/opa/pr/2005/October/05_civ_545.html; US DOJ, Press release, ‘Pfizer to Pay $2.3 Billion for Fraudulent Marketing’ (2 September 2009), at https://www.justice.gov/opa/pr/justice-department-announces-largest-health-care-fraud-settlement-its-history; US DOJ, Press release, ‘Johnson & Johnson to Pay More Than $2.2 Billion to Resolve Criminal and Civil Investigations’ (4 November 2013), at https://www.justice.gov/opa/pr/johnson-johnson-pay-more-22-billion-resolve-criminal-and-civil-investigations.

33 Lissack, Richard, et al., Fountain Court Chambers and Clifford Chance LLP, ‘Monitorships’, Global Investigations Review (4 January 2017), at https://globalinvestigationsreview.com/chapter/1079360/monitorships.

34 Matyas, David E and Snyder, Lynn Shapiro, ‘Monitoring The Monitor? The Need For Further Guidance Governing Corporate Monitors Under Pre-Trial Diversion Agreements’, as appeared in BNA’s Health Care Fraud Report, Epstein Becker Green (14 April 2009), at https://www.ebglaw.com/news/monitoring-the-monitor-the-need-for-further-guidance-governing-corporate-monitors-under-pre-trial-diversion-agreements-as-appeared-in-bnas-health-care-fraud-report/#_ftn1; see also Mokhiber, Russell, ‘Crime Without Conviction: The Rise of Deferred and Non Prosecution Agreements’, Corporate Crime Reporter (28 Dec. 2005), at https://www.corporatecrimereporter.com/news/200/crime-without-conviction-the-rise-of-deferred-and-non-prosecution-agreements-2/.

35 The US DOJ does not keep a comprehensive list of all non-prosecution agreements [NPAs] and deferred prosecution agreements [DPAs] to date on its website. Scholars and universities, however, have maintained repositories of NPAs and DPAs collected over the years. Multiple repositories suggest that the University of Medicine and Dentistry of New Jersey [UMDNJ] DPA is the first time a monitor was imposed in a criminal resolution to resolve alleged violations of healthcare fraud. See, e.g., University of Virginia Law, Corporate Prosecution Registry, Data and Documents, at http://lib.law.virginia.edu/Garrett/corporate-prosecution-registry/browse/browse.html.

36 id.

37 id.

38 Christie, Christopher J and Hanna, Robert M, ‘A Push Down the Road of Good Corporate Citizenship: The Deferred Prosecution Agreement Between the U.S. Attorney for the District of New Jersey and Bristol-Myers Squibb Co.’, 43 Am. Crim. L. Rev., at 1043, 1054 (2006). US Attorney [USA] Christie’s remarks were made in reference to the imposition of a monitor against Bristol-Myers Squibb for alleged securities violations a few months before his office imposed the monitor in the UMDNJ resolution. While USA Christie did not directly address his reasons for imposing the UMDNJ monitor, his remarks shed light on his rationale.

39 See Boozang, Kathleen, ‘“Monitoring” Corporate Corruption: DOJ’s Use of Deferred Prosecution Agreements’, Am. J. of Law & Med., 35 (February 2009).

40 United States House of Representatives, Press release, Remarks of Bill Pascrell (26 November 2007); see also The Accountability and Deferred Prosecution Act of 2014, H.R. 4540, 113th Cong. (2014) (calling for the establishment of rules for the selection of independent monitors for DPAs).

41 Memorandum from Craig S Morford, Acting Deputy Attorney General, to Heads of Department Components, United States Attorneys, ‘Selection and Use of Monitors in Deferred Prosecution Agreements and Non-Prosecution Agreements with Corporations’ (7 March 2008), at https://www.justice.gov/sites/default/files/dag/legacy/2008/03/20/morford-useofmonitorsmemo-03072008.pdf.

42 id.

43 In 2019, the US DOJ imposed an independent compliance monitor as part of an NPA with Fresenius Medical Care AG & Co. KGaA. The NPA resolved allegations that Fresenius paid bribes and did not accurately record payments in operations across Africa, the Middle East and Europe in violation of the Foreign Corrupt Practices Act. Erin Sloane, a New York City-based partner at WilmerHale, was selected to serve as the corporate monitor under the NPA. While the Fresenius NPA did not resolve alleged violations of any healthcare laws, the Fresenius monitorship demonstrates the US DOJ’s focus on combating fraud, of any type, at healthcare companies. See US DOJ, Press release, ‘Fresenius Medical Care Agrees to Pay $231 Million in Criminal Penalties and Disgorgement to Resolve Foreign Corrupt Practices Act Charges’ (29 March 2019), at https://www.justice.gov/opa/pr/fresenius-medical-care-agrees-pay-231-million-criminal-penalties-and-disgorgement-resolve.

44 The settlements were with the US Attorney’s Office [USAO] for the District of New Jersey. See US DOJ, News release, Christopher J Christie, US Attorney, ‘Five Companies in Hip and Knee Replacement Industry Avoid Prosecution by Agreeing to Compliance Rules and Monitoring’ (27 September 2007), at https://www.justice.gov/sites/default/files/usao-nj/legacy/2013/11/29/hips0927.rel.pdf.

45 See WellCare DPA at Paragraphs 10 and 11 (18 May 2009). The settlement was with the USAO for Middle District of Florida. See id.

46 See Wright Medical DPA at Paragraph 16. The settlement was with the USAO for District of New Jersey. See id. The Wright Medical DPA and monitorship were later extended by an additional 12 months. See US DOJ, Press release, ‘Wright Medical Technology, Inc. Deferred Prosecution Agreement with Government Extended for 12 Months’ (15 September 2011), at https://www.justice.gov/archive/usao/nj/Press/files/Wright%20Medical%20DPA%20Extension.html.

47 See Exactech DPA at Paragraph 16. The settlement was with the USAO for District of New Jersey. See id.

48 See Maxim Healthcare DPA at Paragraph 15. The settlement was with the USAO for District of New Jersey. See id.

49 The settlement was with the USAO for District of New Jersey. See US DOJ, Press release, ‘Medical Equipment Company will Pay $646 Million for Making Illegal Payments to Doctors and Hospitals in United States and Latin America’ (1 March 2016), at https://www.justice.gov/opa/pr/medical-equipment-company-will-pay-646-million-making-illegal-payments-doctors-and-hospitals.

50 The settlement was with the US DOJ’s Criminal Division and the USAO for Northern District of Georgia. See US DOJ, Press release, ‘Hospital Chain Will Pay over $513 Million for Defrauding the United States and Making Illegal Payments in Exchange for Patient Referrals; Two Subsidiaries Agree to Plead Guilty’ (3 October 2016), at https://www.justice.gov/opa/pr/hospital-chain-will-pay-over-513-million-defrauding-united-states-and-making-illegal-payments.

51 In January 2020, the US DOJ and Practice Fusion Inc, a health information technology developer, executed a DPA to settle kickback allegations. The DPA notes that an independent compliance monitor was not necessary. However, Practice Fusion agreed to retain an ‘independent oversight organization’ to review and approve certain of its activities. For example, the independent oversight organisation is required to review and approve any ‘clinical decision support’ (CDS) alerts – electronic messages sent to healthcare providers that may influence a provider’s treatment decisions – that are sponsored by third-party entities such as pharmaceuticals companies before Practice Fusion may actually transmit those CDS alerts to healthcare providers. See US DOJ, Press release, ‘Electronic Health Records Vendor to Pay $145 Million to Resolve Criminal and Civil Investigations’ (27 January 2020), at https://www.justice.gov/opa/pr/electronic-health-records-vendor-pay-145-million-resolve-criminal-and-civil-investigations-0.

52 US DOJ, Criminal Division, ‘Evaluation of Corporate Compliance Programs’, at https://www.justice.gov/criminal-fraud/page/file/937501/download [US DOJ Evaluation of Corporate Compliance Programs]; OIG ‘Compliance Program Guidance for Hospitals’, 63 Fed. Reg. 8987-02, 8988 (1998).

53 HHS-OIG, ‘Protecting Public Health and Human Services Programs: A 30 Year Retrospective’, 38, at https://oig.hhs.gov/publications/docs/retrospective/anniversarypub.pdf. In April 2016, the HHS-OIG issued guidance noting that it would not require a corporate integrity agreements [CIA] to resolve every healthcare fraud investigation and the number of civil resolutions not requiring a CIA does appear to be trending upwards. See 2016 HHS-OIG Report.

54 HHS-OIG, Corporate Integrity Agreements, FAQ, at https://oig.hhs.gov/faqs/corporate-integrity-agreements-faq.asp.

55 id.

56 id.

57 US DOJ, Press release, ‘Pharmaceutical Company Targeting Elderly Victims Admits to Paying Kickbacks, Resolves Related False Claims Act Violations’ (26 September 2019), at https://www.justice.gov/opa/pr/pharmaceutical-company-targeting-elderly-victims-admits-paying-kickbacks-resolves-related.

58 CIA between the OIG-HHS and Avanir Pharmaceuticals, Inc., at 12 (25 September 2019), at https://oig.hhs.gov/fraud/cia/agreements/Avanir_Pharmaceuticals_Inc_09252019.pdf.

59 Rai, Arti K, ‘Health Care Fraud and Abuse: A Tale of Behavior Induced by Payment Structure’, Univ. of Chicago – J. on Legal Studies (June 2001).

60 National Health Care Anti-Fraud Association, ‘What Does Health Care Fraud Look Like?’, at https://www.nhcaa.org/news/what-does-health-care-fraud-look-like.aspx.

61 id.

62 See Boozang (footnote 39, above), at 98.

63 See US DOJ Evaluation of Corporate Compliance Programs (footnote 52, above).

64 See 42 U.S.C. Section 1320a-7b(b).

65 See United States v. Westmoreland, 2011 WL 4342721, at *25 (D. Mass., 15 September 2011) (The Anti-Kickback Statute ‘makes it illegal to offer, pay, solicit or receive anything of value as an inducement to generate business payable by Medicare or Medicaid’.)

66 42 U.S.C. Section 1320a-7b(b)(3); see also HHS-OIG, ‘Safe Harbor Regulations’, at https://oig.hhs.gov/compliance/safe-harbor-regulations/index.asp.

67 Medicare Program; Request for Information Regarding the Physician Self-Referral Law, 83 Fed. Reg. 29,524 (25 June 2018), at https://www.gpo.gov/fdsys/pkg/FR-2018-06-25/pdf/2018-13529.pdf.

68 id.

69 id.

70 Swann, James, ‘Government Close to Releasing Health Anti-Fraud Reforms’, Bloomberg Law (30 January 2019), at https://news.bloomberglaw.com/health-law-and-business/government-close-to-releasing-health-anti-fraud-reforms.

71 Medicare and State Health Care Programs: Fraud and Abuse; Request for Information Regarding the Anti-Kickback Statute and Beneficiary Inducements, CMP, 83 Fed. Reg. 43,607, 43,608 (27 August 2018), at https://www.govinfo.gov/content/pkg/FR-2018-08-27/pdf/2018-18519.pdf.

72 Maxim Healthcare Services DPA (2011), at Paragraph 19; see also Olympus Corporation of the Americas DPA (2016), at Paragraph 22.

73 Tenet HealthSystem Medical NPA (2016), at Paragraph 5(e).

74 42 U.S.C. Section 1395nn(a)(1)(A).

75 42 U.S.C. Section 1395nn(a)(1)(B).

76 42 U.S.C. Section 1395nn(b).

77 Upjohn warnings are derived from Upjohn Co v. United States, 449 U.S. 383 (1981).

78 Rosenbaum, Michael, ‘Will 2018 be the year healthcare addresses its turnover problem?’, Becker’s Hospital Review (16 January 2018), at https://www.beckershospitalreview.com/finance/will-2018-be-the-year-healthcare-addresses-its-turnover-problem.html.

79 US DOJ, Office of the Assistant Attorney General, ‘Selection of Monitors in Criminal Division Matters’ (11 October 2018) [Benczkowski Memorandum], at https://www.justice.gov/opa/speech/file/1100531/download.

80 See 42 C.F.R. Section 411.362(b)(3)(ii)(B).

81 See Raymond, Nate, ‘Q&A: DOJ’s health care fraud chief on priorities’, Reuters (24 August 2018).

82 Rod Rosenstein, Deputy Attorney General, US DOJ, Remarks at NYU Program on Corporate Compliance & Enforcement (6 October 2017), at http://www.law.nyu.edu/sites/default/files/upload_documents/Rosenstein%2C%20Rod%20J.%20Keynote%20Addr ess_2017.10.6.pdf.

83 See Raymond (footnote 81, above).

84 US DOJ, Press release, ‘Assistant Attorney General Brian A Benczkowski Delivers Remarks at the American Conference Institute’s 36th International Conference on the Foreign Corrupt Practices Act’ (4 December 2019), at https://www.justice.gov/opa/speech/assistant-attorney-general-brian-benczkowski-delivers-remarks-american-conference.

85 Meiko America DPA (2016); Olympus Corporation of the Americas DPA (2016); B. Braun Medical, Inc. NPA (2016); GNC Holdings, Inc. NPA (2016); Tenet HealthSystem Medical NPA (2016).

86 Aegerion Pharmaceuticals DPA (2017); Baxter Healthcare DPA (2017); PDQ Imaging Services, LLC DPA (2017); Pharmaceutical Technologies, Inc. NPA (2017).

87 HMA NPA (2018).

88 Avanir Pharmaceuticals, Inc. DPA (Anti-kickback Statute), at https://www.gibsondunn.com/wp-content/uploads/2020/01/Avanir-Pharmaceuticals-DPA.pdf; Reckitt Benckiser Group NPA (False claims to healthcare programs), at https://www.gibsondunn.com/wp-content/uploads/2020/01/Reckitt-Benckiser-Group-NPA.pdf.

89 See footnote 13.

90 Compare US DOJ, Fraud Section, ‘Year in Review 2018’ (January 2019), at https://www.justice.gov/criminal-fraud/file/1123566/download (HCF Unit instituted charges against 309 individuals) with US DOJ, Fraud Section, ‘Year in Review 2019’ (January 2020), at https://www.justice.gov/criminal-fraud/file/1245236/download (HCF Unit instituted charges against 344 individuals).

91 US DOJ, Press release No. 17-768, ‘National Health Care Fraud Takedown Results in Charges Against Over 412 Individuals Responsible for $1.3 Billion in Fraud Losses’ (13 July 2017), at https://www.justice.gov/opa/pr/national-health-care-fraud-takedown-results-charges-against-over-412-individuals-responsible.

92 id.

93 id.

94 US DOJ, Press release No. 18-866, ‘National Health Care Fraud Takedown Results in Charges Against 601 Individuals Responsible for Over $2 Billion in Fraud Losses’ (28 June 2018), at https://www.justice.gov/opa/pr/national-health-care-fraud-takedown-results-charges-against-601-individuals-responsible-over.

95 US DOJ, Press release No. 17-768 (footnote 91, above).

96 US DOJ, Press release No. 18-866 (footnote 94, above).

97 Benczkowski Memorandum (footnote 79, above).

98 Brian A Benczkowski, Assistant Attorney General, US DOJ, Remarks at NYU School of Law Program on Corporate Compliance and Enforcement Conference on Achieving Effective Compliance (12 October 2018), at https://www.justice.gov/opa/speech/assistant-attorney-general-brian-benczkowski-delivers-remarks-nyu-school-law-program.

99 Benczkowski Memorandum (footnote 79, above), at 2.

100 US DOJ, Press release, ‘Deputy Assistant Attorney General Matthew S Miner Gives Remarks at the 29th Annual National Institute on Health Care Fraud’ (9 May 2019), at https://www.justice.gov/opa/speech/deputy-assistant-attorney-general-matthew-s-miner-gives-remarks-29th-annual-national.

101 id.

102 id.

103 US DOJ, Fraud Section, ‘Year in Review 2018’, at 15, at https://www.justice.gov/criminal-fraud/file/1123566/download.

104 HMA NPA, at Paragraph 1(e).

Previous Chapter:12. US Ordered Cross Border Monitorships

Next Chapter:14. The Financial Services Industry