United States: Reed Smith Health Care Reform Review: Analysis and Implications of Fraud Abuse and Program Integrity Provisions of the Affordable Care Act

  • Introduction
  • Title I—Quality, Affordable Health Care for All Americans [Includes False Claims Act Changes]
  • Title VI—Transparency and Program Integrity
  • Subtitle E—Medicare, Medicaid, and Children's Health Insurance Program (CHIP) Integrity Provisions [Includes Anti-Kickback Statute Changes]
  • Subtitle F—Additional Medicaid Program Integrity Provisions
  • Subtitle G—Additional Program Integrity Provisions
  • Conclusion


In April 2010, Reed Smith provided an extensive analysis of the recently enacted health reform legislation, H.R. 3590, the Patient Protection and Affordable Care Act (PPACA), as amended by H.R. 4872, the Health Care and Education Reconciliation Act of 2010 (Reconciliation Act).1 Together, these sweeping measures expand access to health insurance (including subsidies, mandates, and market reforms); reduce health care spending (particularly in the Medicare program); expand federal fraud and abuse authorities and transparency requirements; impose new taxes and fees on health industry sectors; and institute a variety of other health policy reforms.

In this analysis, we concentrate on those provisions in the new law that will affect Fraud Abuse and Program Integrity Provisions. These include changes to the federal False Claims Act, the Anti-Kickback Statute, and the Civil Monetary Penalty laws.

Many of the new provisions require the Secretary of the Department of Health & Human Services (HHS) to issue implementing regulations, and we will be reporting on these developments in the coming months.

Title I—Quality, Affordable Health Care for All Americans [Includes False Claims Act Changes]

Health Benefit Exchanges: Financial Integrity and the False Claims Act (Sec. 1313, 10104)

This section applies the federal False Claims Act (FCA) to payments made through Health Benefits Exchanges if the payments include any federal funds.

As amended by section 10104, the legislation significantly changes the FCA Public Disclosure Bar. Specifically, the legislation eliminates the bar as a jurisdictional defense and expands the definition of "original source" to include individuals who provide information to the government that is "independent of and materially adds to the publicly disclosed allegations or transaction...." Courts still have the authority to dismiss cases based upon public disclosures, but only if the government does not oppose the motion. Finally, the definition of the forum for disclosure has changed: state proceedings or proceedings where the United States is not a party will no longer serve as a basis for public disclosure.

This section also requires the Government Accountability Office (GAO) to study the cost and affordability of qualified health plans offered through Exchanges.

Reed Smith Analysis

Under the previous public disclosure provisions, a court did not have jurisdiction over a qui tam suit (brought on behalf of the federal government by a private citizen or "relator") if the allegations and transactions upon which the suit was based had been publicly disclosed in the news media, or in a prior civil, criminal, congressional or administrative hearing, report, audit, or investigation. The relator could only avoid dismissal of her claims pursuant to this public disclosure bar by demonstrating that she was an "original source" of the information, which was defined as an individual with "direct and independent knowledge" of the allegations.

The amendments to the FCA severely undercut the public disclosure bar in three ways.

First, the new provisions provide the government – not the court – with the authority to determine whether an action should be dismissed on public disclosure grounds. The amendment provides that a court "shall dismiss an action or claim" if the allegations and transactions are based upon public information, "unless opposed by the government." This change will likely result in protracted litigation of parasitic qui tam suits that should be dismissed on the pleadings. The government will have little incentive to concede dismissal because prolonged litigation on "public claims" – even if they are meritless – will likely force FCA defendants to settle claims, potentially creating a windfall for the government and the relator.

Second, the new provisions restrict the types of "public" information that would merit dismissal. Before the March 23, 2010 revisions, the public disclosure bar divested courts of jurisdiction over actions that were based on information that had been publicly disclosed in a criminal, civil, or administrative hearing; or a congressional, administrative, or GAO report, hearing, audit, or investigation; or in the news media. Now, however, only "federal" criminal, civil, and administrative proceedings, in which the "government or its agent is a party," will qualify as the types of disclosures that can preclude subsequent qui tam actions. The recent changes also limit the public disclosure bar;s application to strictly "federal" reports, audits, and investigations, and altogether eliminate "administrative" reports, audits, and investigations as a basis for dismissal. The result of these changes is that potential relators can obtain information from state or local hearings, trials, investigations and proceedings, and turn around to use that information as the basis for a qui tam suit – despite the fact that the material was readily available in the public domain. This revision was apparently a preemptive strike by Congress to moot the issue of whether a state report can qualify as a public disclosure – an issue decided by the U.S. Supreme Court one week after the enactment of PPACA in the case of Graham County Soil & Water Conservation District v. United States ex rel. Wilson, --- U.S. --, 2010 WL 1189557 (March 30, 2010).

In Graham County, the Supreme Court held that state "administrative reports, audits, or investigations" trigger the public disclosure bar in the same way as their federal counterparts. The Supreme Court analyzed the FCA's text and concluded nothing in the statute's language specified that only federal administrative reports could qualify as public disclosures. Likewise, the legislative history concerning the term "administrative ... report, audit, or investigation" was virtually non-existent because the relevant text was adopted in conference committee after the House and Senate committee reports had been completed, and thus did not support limiting the public disclosure bar to federal reports only. Finally, the Court rejected the relator's arguments that the policy behind the FCA justified limiting the public disclosure bar to federal reports.

While the Graham County holding is now largely mooted by PPACA, the Supreme Court noted in the decision that the PPACA changes are not retroactive, and therefore only will apply prospectively to cases filed after the PPACA's effective date. Thus, both federal and state reports, audits, and investigations can trigger the public disclosure bar for FCA cases filed prior to March 23, 2010. However, for cases filed after March 23, 2010, to determine whether the public disclosure bar is triggered, courts must analyze whether the disclosure occurred in the context of a federal criminal, civil, or administrative proceeding in which the government or its agent was a party.

Third, the new law removes the previous requirement in the "original source" exception that an individual have "direct and independent knowledge" to proceed with an action despite the existence of a public disclosure. Instead, under the newly revised FCA, a relator may qualify as an "original source" if she voluntarily provided information to the government prior to the public disclosure, or if he has knowledge that is "independent of" and "materially adds" to the publicly disclosed allegations. Previously, to qualify as an original source, a relator was required to have "direct" (or first-hand, personal) knowledge of the publicly disclosed facts supporting allegations of fraud, and this requirement served to screen out fraud allegations based on unreliable hearsay and second-hand sources. The elimination of the "direct knowledge" requirement threatens to force FCA defendants to face wholly unsupported allegations and "fishing expeditions" that are otherwise not based on any factual premise. Equally troubling, the new law does not describe the nature or quantity of information that a relator must allege to "materially add" to the publicly disclosed allegations. There is little doubt that the term "materially adds" will be the hotly contested subject of future litigation concerning the public disclosure bar, as these amendments turn long-settled interpretations of the public disclosure bar on their heads.

Title VI—Transparency and Program Integrity

Subtitle E—Medicare, Medicaid, and Children's Health Insurance Program (CHIP) Integrity Provisions [Includes Anti-Kickback Statute Changes]

Provider Screening and Other Enrollment Requirements under Medicare, Medicaid, and CHIP (Sec. 6401)

Provider Screening. This provision requires the Secretary, in consultation with the Office of Inspector General (OIG), to establish procedures for screening providers and suppliers participating in federal health care programs (specifically, Medicare, Medicaid, and CHIP). The Secretary has authority to set different levels of screening depending upon the type of provider or supplier. At a minimum, all providers and suppliers would be subject to licensure checks, and additional screening items could include fingerprinting, criminal background checks, multi-state database inquiries, and surveys/site visits. An application fee of $200 for individual practitioners and $500 for institutional providers and suppliers would be imposed to cover the costs of screening each time they re-verify their enrollment (every five years). Section 10603 removes the enrollment fee for physicians. This section also provides for a provisional enrollment for new providers and suppliers, during which the Center for Medicare & Medicaid Services (CMS) could improve pre-payment review and payment caps.

Reed Smith Analysis

This provision is intended to address rising enrollment fraud, especially among suppliers. The new paradigm for supplier fraud is for a false entity to enroll and submit as many false claims as possible, often using stolen beneficiary data. Claims are required to be promptly paid under separate regulation. These entities then close up and move on – literally "taking the money and running." Not surprisingly, these provisions (like others in this Part) are likely to cause a significant administrative burden among law-abiding providers and suppliers. Because the law provides for interim final rulemaking on this point, CMS may move quickly to implement these provisions.

Disclosure of Deadbeat or Excluded Affiliates. New enrollees in Medicare, Medicaid or CHIP will be required to disclose current or previous affiliations with any provider or supplier that has uncollected debt; has had payments suspended' has been excluded from participating in a federal health care program; or has had billing privileges revoked.

Mandatory Compliance Programs. The Secretary, in consultation with OIG, will require certain providers and suppliers to have mandatory compliance programs. Implementation and other details will be determined by later regulation.

Reed Smith Analysis

The details on this provision are to be determined by regulation. But it is no secret that the OIG has long wished to impose mandatory compliance programs on providers and suppliers. Usually the imposition of such programs is in the form of a Corporate Integrity Agreement (CIA) – a contract where the consideration by the OIG is the release of its permissive exclusion authority. In return, the provider or supplier agrees to implement certain structural, training, and reporting obligations, and if these obligations are not met, the entity can be excluded from federal health care programs. While it is likely that these mandatory programs will have some of the same elements as a CIA, it will be interesting to see what the remedy is for non-compliance, since this provision does not authorize exclusion or any other penalties.

Enhanced Medicare and Medicaid Program Integrity Provisions (Sec. 6402)

Integrated Data Repository.This provision is intended to allow federal regulators the ability to correlate claims and payment data across programs and within programs to identify fraud. CMS must include in the integrated data repository (IDR) claims and payment data from the following programs: Medicare (Parts A, B, C, and D), Medicaid, CHIP, health-related programs administered by the Departments of Veterans Affairs (VA) and Defense (DOD), the Social Security Administration, and the Indian Health Service (IHS).

Access to Data. Similarly, the Secretary is required to enter into data-sharing agreements with the Commissioner of Social Security, the Secretaries of the VA and DOD, and the Director of the IHS to help identity fraud, waste, and abuse, and allow DOJ access to this data.

Overpayments. This provision requires that overpayments be reported and returned within 60 days from the date of identification or by the date that the corresponding cost report is due (as applicable). In addition, the provision specifically ties such overpayments to the "retention of overpayments" language in the federal FCA.

Reed Smith Analysis

This is a key provision because it establishes a general deadline for reporting and returning overpayments. Under the May 2009 amendments to the federal FCA, the retention of an overpayment is a specific basis for liability. With this provision, Congress has determinatively tied FCA liability to 60 days from the discovery of an overpayment. One question, however, is, "What constitutes identification of an overpayment?" Stated otherwise, when does the clock start ticking on the 60-day obligation? This is a very broad provision that could be read to include violations of Stark, the Anti-Kickback Statute, and other fraud-and-abuse provisions, as the violation of such laws may "disqualify" the underlying claim (creating an overpayment). For example, under Stark, the failure to timely sign a lease between a physician and a hospital could disqualify all referrals made by that physician to the hospital and create an overpayment obligation under this provision.

National Provider Identifier. This section requires the Secretary to issue a regulation mandating that all Medicare, Medicaid, and CHIP providers include their NPI on enrollment applications.

Permissive Exclusions. This section adds a new permissive exclusion provision related to false statements provided on enrollment applications (to all federal health care programs). In addition, this section expands application of Civil Monetary Penalties (CMPs) to individuals who order or prescribe an item or service, make false statements on applications or contracts to participate in a federal health care program, or who know of an overpayment and do not return the overpayment. Each violation is subject to CMPs of up to $50,000.

Certain Charitable and Innocuous Contributions. The PPACA clarifies conditions and provides for rulemaking under which certain charitable or free goods can be offered.

Testimonial Subpoena Authority for Exclusion Cases. This section creates a new testimonial subpoena authority to be used by the OIG in exclusion actions.

Surety Bonds. This provision requires that the Secretary take into account the volume of billing for a Durable Medical Equipment (DME) supplier or Home Health Agency (HHA) when determining the size of the surety bond. The Secretary can also impose this requirement on other providers and suppliers, depending on the level of risk presented by provider or supplier. Criminal Health Care Fraud Laws, Including the Anti-Kickback Statute. First, a violation of the Criminal Health Care Fraud Laws2, including the anti-kickback law, is now a predicate action for violation of the federal FCA. Second, the Criminal Health Care Fraud Laws, including the Anti-Kickback Statute, has been amended to provide that a person need not have actual knowledge of the laws or specific intent to commit a violation of the laws.

Reed Smith Analysis

The first provision settles the issue of whether a violation of the certain criminal health care laws, including the anti-kickback law, is a predicate violation of the federal FCA. Most courts have held that it is,3 but some courts have limited application, for example, to providers who have signed enrollment certifications that pledge compliance (to such laws).4 It was in the late 1990s that the CMS-855 form began to require such a statement, and it is possible that not all providers or suppliers with liability have certified to compliance. Further, of course, there are numerous entities with potential liability under the anti-kickback law that are not enrolled as either a supplier or a provider. All entities would therefore now be subject to suit under the FCA and be subject to a potentially longer statute of limitations.

With regard to the second provision, the intent provisions in the statute have not been amended. Instead, the section has been appended to add the paragraph as follows:

(h) With respect to violations of this section, a person need not have actual knowledge of this section or specific intent to commit a violation of this section.

Our view is that this new provision does not eliminate the requirement that the government show that an individual knew his or her conduct was unlawful, nor does it change the Anti-Kickback Statute into a strict liability scheme. Instead, this provision merely codifies the scienter requirement adopted by the majority of federal courts that a defendant need not have specific knowledge of the Anti-Kickback Statute in order to violate it. See, e.g., United States v. Starks, 157 F.3d 833, 837-39 (11th Cir. 1998) (knowledge of statute not required); United States v. Davis, 132 F.3d 1092, 1094 (5th Cir. 1998) (same); United States v. Jain, 93 F.3d 436, 439‐41 (8th Cir. 1996) (same).

This provision appears to to be a belated response by Congress to the Ninth Circuit's decision in Hanlester Network v. Shalala, 51 F.3d 1390 (9th Cir. 1995). In that case, the Ninth Circuit held that in order to establish a violation of the Anti-Kickback Statute, the government needed to prove that (1) defendant had knowledge that the Anti-Kickback Statute prohibited certain kinds of conduct and (2) defendant engaged in prohibited conduct with the specific intent to disobey the Anti-Kickback Statute. Id. at 1400. While Hanlester has remained good law in the Ninth Circuit, other federal courts have consistently rejected its heightened scienter standard. See, e.g., United States v. Davis, 132 F.3d 1092, 1094 (5th Cir. 1998) ("...even the Hanlester court requires knowledge only that the conduct in question was unlawful, and not necessarily knowledge of which particular statute makes the conduct unlawful."); United States v. Jain, 93 F.3d 436, 441 (8th Cir. 1996) ("Hanlester Network v. Shalala, 51 F.3d 1390, 1399-1400 (9th Cir. 1995), does not persuade us to adopt defendants' position."); see also United States v. Starks, 157 F.3d 833, 837-39 (11th Cir. 1998) (the "giving or taking of kickbacks for medical referrals is hardly the sort of activity a person might expect to be legal"). Therefore, this new provision simply brings the Ninth Circuit standard into line with the rest of the country. No longer will defendants in the Ninth Circuit have the luxury of using ignorance of the law as an excuse to avoid liability under the Anti-Kickback Statute.

Payment Suspensions. This provision allows the Secretary to suspend payments to a provider or supplier pending a fraud investigation.

Health Care Fraud and Abuse Control (HCFAC) Account. This section increases funding for HCFAC by $10 million each year for FYs 2011 through 2020, and provides for a permanent CPI adjustment to HCFAC, and also for Medicare Integrity Program (MIP) funding.

Medicare and Medicaid Integrity Programs. This provision requires contractors to provide statistics on activities, including the number and amount of overpayments recovered, the number of fraud referrals, and the return on investment.

Elimination of Duplication Between the Healthcare Integrity and Protection Data Bank, and the National Practitioner Data Bank (Sec. 6403)

This section creates a national health care fraud-and-abuse data collection program for reporting certain adverse actions taken against health care providers, suppliers, and practitioners, and submits information on the actions to the National Practitioner Data Bank (NPDB). The Healthcare Integrity and Protection Data Bank (HIPDB) would be terminated and this information would be transferred to the NPDB.

Maximum Period for Submission of Medicare Claims Reduced to Not More than 12 Months (Sec. 6404)

Beginning January 2010, the maximum period for submission of Medicare claims would be reduced to not more than 12 months from the date of service. This new rule applies to all parts of Medicare.

Physicians Who Order Items or Services Required to be Medicare-Enrolled Physicians or Eligible Professionals (Sec. 6405)

Physicians who prescribe DME or home health services must be enrolled in the Medicare program. This requirement could be extended by regulation to other services.

Requirement for Physicians to Provide Documentation on Referrals to Programs at High Risk of Waste and Abuse (Sec. 6406)

The PPACA authorizes the Secretary to disenroll for up to one year a Medicare-enrolled physician or supplier that fails to maintain and provide access to written orders or requests for payment for DME, certification for home health services, or referrals for other items and services, effective January 1, 2010. A requirement to maintain and provide access to such documentation also is added to the general Medicare provider enrollment requirements set forth at section 1866 of the Social Security Act (SSA). Moreover, the PPACA extends the OIG's permissive exclusion authority to include individuals or entities that order, refer, or certify the need for health care services, but fail to provide adequate documentation to verify payment.

Face-to-Face Encounter with Patient Required Before Physicians May Certify Eligibility for Home Health Services or DME (Sec. 6407, 10605)

The PPACA requires physicians to document that they have had a face-to-face encounter (including through telehealth, as permitted) with the Medicare or Medicaid beneficiary prior to issuing a certification for home health services, effective for certifications made after January 1, 2010. Section 10605 adds that the face-to-face encounter, in addition to being with the physician himself or herself, may be with a nurse practitioner or clinical nurse specialist working in collaboration with the physician in accordance with state law, with a certified nurse-midwife as authorized by state law, or with a physician assistant under the supervision of the physician.

Likewise, the PPACA provides that as a condition of a written order for DME under Medicare, the physicians must document that the physician, physician assistant, nurse practitioner, or clinical nurse specialist has had a face-to-face encounter (including through telehealth, as permitted) with the beneficiary during the six-month period preceding the written order, or other reasonable timeframe as determined by the Secretary.

The Secretary also is authorized to apply the face-to-face encounter requirement to other Medicare items and services, based upon a finding that doing so would reduce the risk of fraud, waste, and abuse.

Enhanced CMP Penalties (Sec. 6408)

Under this provision, various CMPs are increased, including CMPs for persons who fail to grant the OIG timely access to documents, for the purpose of audits, investigations, evaluations, or other statutory functions. Also, persons who knowingly make, use, or cause to be made or used, any false statement to a federal health care program, would be subject to a CMP of $50,000 for each violation. The violations that could be subject to the imposition of sanctions and CMPs by the Secretary would include Part C Medicare Advantage (MA) plans or Part D plans that: (1) enroll individuals in an MA or Part D plan without their consent, (2) transfer an individual from one plan to another for the purpose of earning a commission, (3) fail to comply with marketing requirements and CMS guidance, or (4) employ or contract with an individual or entity that commits a violation. Penalties for Part C and Part D plans that misrepresent or falsify information would be increased to up to three times the amount claimed by a plan or plan sponsor, based on the misrepresentation or falsified information.

Medicare Self-Referral Disclosure Protocol (Sec. 6409)

Within six months, the OIG will issue regulations to establish a self-disclosure protocol for violations of the Stark physician self-referral law.

In an Open Letter to Providers March 24, 2009, the Inspector General limited the application of the self-disclosure protocol to Stark violations that also had a colorable anti-kickback law violation; disclosures based solely on a Stark violation would no longer be accepted. Therefore, entities who discover potential Stark violations currently have no avenue for self-disclosure.

Adjustments to the Medicare Durable Medical Equipment, Prosthetics, Orthotics and Suppliers (DMEPOS) Competitive Acquisition Program (Sec. 6410)

By way of background, under the DMEPOS competitive bidding program, only suppliers who are successful bidders will be eligible to furnish certain categories of DMEPOS to Medicare beneficiaries in certain geographic areas (with very limited exception). Successful bidders will be paid based on the median of the winning suppliers' bids for each of the selected items in the region, rather than on the Medicare fee schedule or supplier bid amount. Competitive bidding is being phased in geographically and by product category. CMS conducted the first round of DMEPOS competitive bidding in 2007 in 10 geographic areas and for 10 product categories, and the program briefly went into effect in July 2008. Because of widespread concerns about how the program was implemented, however, MIPPA blocked round 1 and adopted a series of changes to the program. Under MIPPA, CMS was directed to conduct a new round 1 rebid in nine geographic areas in 2009, and conduct a second phase of bidding in 2011 in ʺan additional 70ʺ of the largest metropolitan statistical areas.5

The PPACA requires the Secretary to expand the number of areas to be included in round 2 of the competitive bidding program from 79 to 100 of the largest MSAs. In addition, the PPACA requires (rather than permits) the Secretary to use information regarding payments determined under competitive bidding, to adjust DMEPOS payments in areas outside of competitive bidding areas beginning in 2016. Likewise, for items furnished on or after January 1, 2016, the Secretary is directed to continue to adjust prices as additional information is obtained when new items are subject to competitive bidding or when contracts are recompeted.

Expansion of the Recovery Audit Contractor (RAC) Program (Sec. 6411)

In the Tax Relief and Health Care Act of 2006, Congress required a permanent and national RAC program to be in place by January 1, 2010. This program, however, did not include Medicare Parts C and D, nor did it include state Medicaid programs. This provision expands the RAC program to Medicaid and to the other parts of the Medicare program.

The goal of the program is to identify improper payments to Medicare providers and suppliers, including underpayments and overpayments. In the demonstration project that occurred between 2005 and 2008, RAC audits resulted in more than $900 million in overpayments being returned to the Medicare Trust Fund, and nearly $38 million in underpayments returned to health care providers.

Community Mental Health Centers (Reconciliation Act Sec. 1301)

This section of the Reconciliation Act puts additional qualification standards on community mental health centers that provide Medicare partial hospitalization services. These facilities must now provide at least 40% of services to individuals who are not eligible for benefits under Medicare, and restricts application of such programs that provide services in a patient's home or "inpatient or residential setting."

Medicare Prepayment Medical Review Limitations (Reconciliation Act Sec. 1302)

This provision repeals section 1874a(h) of the SSA, which is a section regarding the conduct of prepayment review. This section of the Act required prepayment reviews to be conducted under certain circumstances, for example, standard protocols developed by the Secretary. It also limited "non-random" prepayment reviews unless there is a likelihood of sustained or highlevel of payment error. Stated otherwise, these provider and supplier protections against random governmental audit and review have been eliminated.

Funding to Fight Fraud, Waste and Abuse (Reconciliation Act Sec. 1304) Section 1301 of the Reconciliation Act increases funding for the Health Care Fraud and Abuse Control Fund (HCFAC) by $250 million over the next decade. The HCFAC program is designed to coordinate federal, state and local law enforcement activities with respect to health care fraud and abuse. This section also indexes funds to fight Medicaid fraud based on the increase in the CPI.

90-Day Period of Enhanced Oversight for Initial Claims of DME Suppliers (Reconciliation Act Sec. 1305)

In addition, section 1304 of the Reconciliation Act authorizes the Secretary to hold Medicare claims for up to 90 days for certain new DME suppliers. Specifically, effective January 1, 2011, if the Secretary determines that there is a significant fraud risk among suppliers furnishing certain types of DME or operating in certain geographic areas, the Secretary can withhold Medicare payment to such suppliers for 90 days after the date the supplier first submits a DME claim. According to a House Rules Committee analysis, this period would enable enhanced oversight of such claims.

Subtitle F—Additional Medicaid Program Integrity Provisions

Termination of Provider Participation under Medicaid if Terminated under Medicare or Other State Plan (Sec. 6501)

The PPACA requires states to terminate the enrollment of individuals or entities from their Medicaid programs if the individuals or entities were terminated from Medicare or another state's Medicaid program.

Medicaid Exclusion from Participation Relating to Certain Ownership, Control, and Management Affiliations (Sec. 6502)

Similar to the previous section, this provision requires Medicaid agencies to exclude individuals or entities from participating in Medicaid for a specified period of time if the entity or individual owns, controls, or manages an entity that: (1) has failed to repay overpayments during the period as determined by the Secretary; (2) is suspended, excluded, or terminated from participation in any Medicaid program; or (3) is affiliated with an individual or entity that has been suspended, excluded, or terminated from Medicaid participation.

Reed Smith Analysis

In recent years, a number of pharmaceutical and device manufacturers that have been subject to investigation and enforcement activity by the Office of Inspector General, the Department of Justice, and/or state entities, have opted to have subsidiaries – sometimes all but defunct ones – plead guilty to a criminal kickback charge for which they are excluded from participation in Medicare and Medicaid under the mandatory exclusion provisions of 42 U.S.C. 1320a-7(a). The parent organization or another subsidiary then has continued to conduct business as usual, though typically subject to a Corporate Integrity Agreement.

The cited provision in the PPACA legislation could be interpreted to mean that, if a pharmaceutical manufacturer's subsidiary or affiliate takes a plea and is excluded, then state Medicaid programs must exclude the parent company from Medicaid participation. This in turn means that the parent's products will not be reimbursed by Medicaid programs – in effect, that patients will not have access to that manufacturer's products. This is a draconian measure not previously contemplated as a mandatory matter. Further, such an action could be a predicate for Medicare exclusion as well. There remain some undefined terms in the legislation (for example, the period of exclusion), and it is unclear whether state Medicaid agencies might interpret the provision to allow them to adopt some type of "permissive exclusion" process, rather than have exclusions be automatic.

While at first blush this provision appears to be adverse to providers, suppliers, and manufacturers in the sense that it authorizes additional sanctions, its practical implications in the context of global resolutions of dual-track criminal-civil investigations are less clear. On the one hand, it could arguably provide even greater leverage to prosecutors than already exists. On the other hand, since the exclusion implications of a criminal kickback plea would likely be wholly unacceptable to a manufacturer, it could either act as a barrier to global resolutions, or alternatively might force the parties to consider other sorts of pleas that are not subject to mandatory exclusion (e.g., pleas to FDA violations).

Billing Agents, Clearinghouses, or Other Alternate Payees Required to Register under Medicaid (Sec. 6503)

This section of PPACA requires any agents, clearinghouses, or other alternate payees that submit claims on behalf of health care providers to register with the state and the Secretary in a form and manner specified by the Secretary. This is yet another provision that deals with increased scrutiny of entities that participate in federal health care programs.

Miscellaneous additional provisions include the following:

  • Requirement to Report Expanded Set of Data Elements under Medicaid Management Information Systems (MMIS) to Detect Fraud and Abuse. Requires states and Medicaid managed care entities to submit data elements from MMIS as determined necessary by the Secretary for program integrity, program oversight, and administration. MMIS is the claims-processing system that states are now using to manage Medicaid claims. (Sec. 6504)
  • Prohibition on Payments to Institutions or Entities Located Outside of the United States. Prohibits states from making any payments for items or services provided under a Medicaid state plan or waiver to any financial institution or entity located outside of the United States. (Sec. 6505)
  • Overpayments. Extends the period to one year for states to repay overpayments when a final determination of the amount of the overpayment has not been determined because of an ongoing judicial or administrative process. When overpayments as a result of fraud are pending, state repayments of the federal portion would not be due until 30 days after the date of the final judgment. (Sec. 6506)
  • Mandatory State Use of National Correct Coding Initiative. Requires states to make their MMIS methodologies compatible with Medicare's national correct coding initiative (NCCI) that promotes correct coding and controls improper coding. (Sec. 6507)
  • General Effective Date. The effective date is January 1, 2011. States may be required to amend state plans through legislation. (Sec. 6508)

Subtitle G—Additional Program Integrity Provisions

Prohibition on False Statements and Representations (Sec. 6601)

This provision of PPACA amends ERISA to address potential false statements in marketing materials regarding multiple employer welfare arrangements (MEWAs). Such false statements will result in criminal liability if the statements falsely represent a plan's financial solvency, benefits, or regulatory status.

Clarifying Definition (Sec. 6602)

This is an amendment to Title 18 of the U.S. Code to include the above-discussed ERISA false statement prohibition in the definition of a health care offense.

Development of Model Uniform Report Form (Sec. 6603)

To facilitate consistent reporting by private health plans of suspected cases of fraud and abuse, a model uniform reporting form will be developed by the National Association of Insurance Commissioners, under the direction of the Secretary. This is another data-sharing and coordination provision intended to earlier identify fraudulent schemes and actors.

Applicability of State Law to Combat Fraud and Abuse (Sec. 6604)

PPACA directs the Department of Labor (DOL) to adopt regulatory standards and/or issue orders to prevent fraudulent MEWAs from escaping liability for their actions under state law by claiming that state law enforcement is preempted by federal law. Stated otherwise, this provision attempts to address potential preemption issues under ERISA via DOL regulation.

Enabling the DOL to Issue Administrative Summary Cease-and-Desist Orders and Summary Seizures Orders Against Plans in Financially Hazardous Condition (Sec. 6605)

DOL is authorized to issue "cease and desist" orders to temporarily shut down operations of ERISA plans conducting fraudulent activities or posing a serious threat to the public, until hearings can be completed. If it appears that a plan is in a financially hazardous condition, the agency may seize the plan's assets.

MEWA Plan Registration with the DOL (Sec. 6606)

MEWAs will be required to file their federal registration forms, and thereby be subject to government verification of their legitimacy, before enrolling anyone.

Permitting Evidentiary Privilege and Confidential Communications (Sec. 6607)

PPACA permits the DOL to allow confidential communication among public officials relating to investigation of fraud and abuse.

Health Care Fraud Enforcement (Sec. 10606)

This section of PPACA requires the U.S. Sentencing Commission to review and amend the federal sentencing guidelines and policy statements applicable to persons convicted of federal health care offenses.

This section would deem existing certain criminal offenses to be "federal health care fraud offenses" under the U.S. Criminal Code. Similarly, section 6602 of PPACA also contains language to classify certain criminal ERISA violations as a "federal health care offense." By defining a particular offense as a "federal health care offense," convictions for violations of these listed statutes may be punishable by longer prison terms and/or higher fines. In addition to the ERISA provisions, the new federal health care offenses would include the Anti-Kickback Statute, section 1349 of the U.S. Criminal Code (attempting or conspiring to commit a criminal offense), and section 301 of the federal Food, Drug, and Cosmetic Act.

Section 10606 also extends the general criminal health care fraud statute at 18 U.S.C. section 1347 to add the same language added to 42 U.S.C. § 1320a-7b by section 6401 of PPACA (see discussion infra).


What can be said in conclusion about the PPACA anti-fraud provisions? Well, recently Sen. Charles Grassley (R-Iowa) "typed" a message on Twitter that retold the old story that when all you have is a hammer, everything looks like a nail – to which Sen. Grassley proclaimed (to the President), "I'm no NAIL."6 Unlike Sen. Grassley, under PPACA, health care providers, suppliers, and drug and device manufacturers are all nails.

One problem is the scramble for budgetary dollars and the belief (fed by "60 Minutes" and other media outlets) that budgetary problems can be solved through the elimination of fraud and abuse.7 While there is, of course, fraud, waste and abuse in the system, we are skeptical of the value of $60 billion a year estimated by the administration. Id. PPACA and other recent enactments mean that participants in federal health care programs will be required to operate in conditions of significantly increased paperwork and documentation requirements, increased law enforcement scrutiny, and under the threat of draconian penalties if a mistake or oversight occurs. Like legislative fads before it, there is no general opposition to this stream of "belt and suspenders" statutory enactments on fraud items. Stated otherwise, no politician or interest group is "against" fraud – especially when these provisions are contained in omnibus legislation, and limited political capital is focused on fighting key battles over coverage and reimbursement.

It is therefore uncontroversial advice that entities operating within the confines of federal health care programs redouble efforts on compliance and invest in systems and controls that mitigate the opportunity for government scrutiny. With fewer defensive tools and significant penalties, the risk is higher and companies should invest accordingly.

In addition to the sections discussed above, PPACA contains numerous provisions with program integrity elements. For example, nursing homes have new transparency in ownership requirements, and new ʺsunshineʺ provisions are related to payments by drug and device companies to physicians and teaching hospitals. While those items are discussed in our omnibus memorandum, Reed Smith will be publishing additional detailed memorandum on Life Sciences issues and on Long‐Term Care issues under PPACA.


1 The text of the PPACA as approved is available at http://frwebgate.access.gpo.gov/cgibin/getdoc.cgi?dbname=111_cong_bills&docid=f:h3590eas.txt.pdf

The text of the Reconciliation Act is available at http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_cong_bills&docid=f:h4872enr.txt.pdf

Our major analysis of the legislation is available on our website at Reed Smith Issues Major Analysis of the Patient Protection and Affordable Care Act, Focusing on Health Care Provider and Medical Product Manufacturer Impact.

2 42 U.S.C. § 1320a–7b.

3 See, e.g., McNutt ex rel. United States v. Haleyville Medical Supplies, Inc., 423 F.3d 1256 (11th Cir. 2005) (holding that violation of the Anti-Kickback Statute and corresponding submission of claims for which government does not owe payment makes the claim false under the FCA); United States ex rel. Thompson v. Columbia/HCA Healthcare Corp., 125 F.3d at 902 (holding that claimant submits a false or fraudulent claim under the FCA when he or she falsely certifies compliance with a federal statute or regulation); United States ex rel. Hopper v. Anton, 91 F.3d 1261, 1266 (9th Cir. 1996) (holding that false certifications of compliance create liability under the FCA when certification is required to obtain government benefit); United States ex rel. Pogue v. American Healthcorp, 914 F. Supp. 1507, 1511 (M.D. Tenn. 1996) (holding that FCA liability attaches in situations where the claimant submits false records or engages in fraudulent conduct in order to receive payment).

4 In addition, scholars have argued that violations of the anti-kickback law cannot give rise to actions under the FCA. See John T. Boese and Beth C. McClain, "Why Thompson is Wrong: Misuse of the False Claims Act to Enforce the Anti-Kickback Act," 51 Ala. L. Rev. 1 (1999); Lisa Phelps, "Calling Off the Bounty Hunters: Discrediting the Use of Alleged Anti-Kickback Violation to Support Civil False Claims Actions," 51 Vand. L. Rev. 1003 (1998).

5 CMS conducted the round 1 rebid last year, and the agency is expected to announce winning bidders later this year, with contract prices set to go into effect January 1, 2011. For detailed background on the DMEPOS competitive bidding program, see http://www.reedsmith.com/_db/_documents/hc0804.pdf

For Reed Smith's ongoing reporting on this issue, see http://www.healthindustrywashingtonwatch.com/tags/dmepos-competitive-bidding/ .

6 "Pres Obama while u sightseeing in Paris u said 'time to deliver on healthcare' When you are a "hammer" u think everything is NAIL I'm no NAIL" http://blogs.wsj.com/health/2009/06/08/sen-grassley-twitters-health-reform-astory-in-tweets/

7 During the "60 Minutes" episode, it was stated that the health care reform package could be funded entirely with fraud–and-abuse savings. http://www.cbsnews.com/stories/2009/10/23/60minutes/main5414390.shtml

This article is presented for informational purposes only and is not intended to constitute legal advice.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:
  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.
  • Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.
    If you do not want us to provide your name and email address you may opt out by clicking here
    If you do not wish to receive any future announcements of products and services offered by Mondaq you may opt out by clicking here

    Terms & Conditions and Privacy Statement

    Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

    Use of www.mondaq.com

    You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


    Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

    The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


    Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

    • To allow you to personalize the Mondaq websites you are visiting.
    • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
    • To produce demographic feedback for our information providers who provide information free for your use.

    Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

    Information Collection and Use

    We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

    We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

    Mondaq News Alerts

    In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


    A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

    Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

    Log Files

    We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


    This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

    Surveys & Contests

    From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


    If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


    From time to time Mondaq may send you emails promoting Mondaq services including new services. You may opt out of receiving such emails by clicking below.

    *** If you do not wish to receive any future announcements of services offered by Mondaq you may opt out by clicking here .


    This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

    Correcting/Updating Personal Information

    If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

    Notification of Changes

    If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

    How to contact Mondaq

    You can contact us with comments or queries at enquiries@mondaq.com.

    If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.

    By clicking Register you state you have read and agree to our Terms and Conditions