This article was first published in the September 12, 2011, issue of the New Jersey Law Journal and is republished here with permission. C. 2011 ALM Media Properties, LLC. All rights reserved.

Recent enforcement actions taken by the federal government against health care industry executives (e.g., CEOs, general counsels, compliance officers and other senior executives) demonstrate that the government has a substantial interest in holding individuals liable for corporate wrongdoing.

The government is currently using to legal tactics to pursue personal liability against health care executives, including revival of the Responsible Corporate Officer Doctrine (RCOD), new guidance setting forth the intention of the Office of Inspector General (OIG) to more broadly invoke its permissive exclusion authority against individuals, and increased prosecutions of health care executives for violations of federal fraud and abuse laws by their companies.

Fortunately, there are practical steps that executives can take to reduce their potential personal exposure from these new government enforcement trends.

Revival of the Responsible Corporate Officer Doctrine

The seminal case on the RCOD is United States v. Park, 421 U.S. 658 (1975), where the Supreme Court upheld the conviction of the president of a national food corporation for exposing food in the corporation's warehouse to rodent contamination, even though the president was not personally involved in maintaining the warehouse. The Court ruled that, under the Food, Drug & Cosmetic Act (FDCA), officers who, by virtue of their positions, have responsibility at a corporation such that they are able to either prevent or correct a violation of law by the corporation, will be held personally liable for the corporation's violation of law, regardless of their personal knowledge of the violation. The Court emphasized the nature of the FDCA as a public welfare statute and the importance of providing sanitary conditions for food offered for sale to the public, as well as the fact that the officer had been on notice of unsanitary conditions in other warehouse locations.

As a result of this precedent, pharmaceutical industry officers face individual liability regardless of their personal involvement in the wrongdoing or intention to commit the wrongful act. The purpose behind the RCOD is to prevent corporate directors and officers from hiding behind an intricate corporate structure in order to shield themselves from liability.

Recently, convictions of pharmaceutical and medical device company executives

under the RCOD are on the rise. For example:

  • In 2007, three executives of the Purdue " Frederick Company and Purdue Pharma LP (Purdue) pleaded guilty under the RCOD to misdemeanor charges of misbranding OxyContin.
  • In 2009, four officers of Synthes Inc. " pleaded guilty to misbranding charges under the RCOD and could face up to one year in prison.
  • In March 2011, the CEO of KV " Pharmaceuticals pleaded guilty to charges of misbranding morphine sulfate under the RCOD and was sentenced to 30 days incarceration.

In all of these cases, the executives were also liable for substantial monetary penalties.

OIG's Broad Exclusion Powers

The ramifications of an individual being excluded from Medicare and other federal heath care programs is devastating — it could effectively mean the end of an executive's career in the industry.

In its "Guidance for Implementing Permissive Exclusion Authority under § 1128(b)(15) of the Social Security Act" (the Guidance), which was issued on Oct. 20, 2010, the OIG set forth its intention to more actively use its permissive exclusion authority to hold individuals accountable based upon the individual's role or interest in a company. According to the OIG, persons with ownership or a control interest in a sanctioned entity could be excluded if they knew or should have known of the conduct that led to the sanction. Moreover, officers or managing employees may be excluded based solely on their position in the entity. "Managing employees" include a general manager, business manager, administrator or director, who exercises operational or managerial control over the entity, or who directly or indirectly conducts the day-to-day operations of the entity.

The OIG has stated that it will operate with a presumption in favor of exclusion, but may consider circumstances or facts that weigh against exclusion. The OIG will consider a series of factors to determine whether to impose a permissive exclusion, which are divided into four main categories: (1) the circumstances of the misconduct and seriousness of the offense; (2) the individual's role within the sanctioned entity; (3) the individual's actions in response to the misconduct; and (4) information about the entity.

There are several recent examples of the OIG's use (or attempted use) of its exclusion authority. First, in connection with the September 2010 OIG settlement by Forest Laboratories over allegations that the company marketed three drugs for off-label uses, distributed a drug that was not FDA-approved and obstructed the government's investigations, the OIG notified the company's CEO Howard Solomon, in April 2011, that it was considering excluding him personally from federal health care programs based on the company's criminal conduct. However, in August 2011, the OIG reversed itself and notified Solomon that it had decided not to pursue his exclusion. Had it occurred, that exclusion would have set an important precedent for the OIG's use of its exclusion authority over corporate executives who are not personally charged with any criminal conduct.

Second, the CEO of KV Pharmaceuticals who pleaded guilty in March to misbranding charges under the RCOD was also excluded by the OIG under its permissive exclusion authority. Third, in 2010, the federal court upheld the 12-year exclusion of the three former Purdue senior executives who pleaded guilty under the RCOD to misbranding OxyContin.

Another ominous sign that the federal government intends to pursue individual exclusions more fervently in the future is the introduction of the "Strengthening Medicare Anti-Fraud Measures Act of 2011." The bill expands permissive exclusion to individuals and entities "affiliated with" sanctioned entities, and it reaches executives of sanctioned companies who had left the company's employment at the time of the conviction, as well as parent companies of shell organizations convicted of health care fraud.

PPACA and Fraud and Abuse Violations

Last year's health reform law included new provisions which have intensified the government's ability to investigate and prosecute fraud and abuse cases against both health care companies and their executives. Some examples of these new changes are as follows:

  • Violations of the Anti-Kickback Statute " do not require proof of actual knowledge of the statute or specific intent to violate the statute, and automatically constitute fraudulent claims under the False Claims Act (FCA).
  • Qui tam actions under the FCA were " expanded by eliminating barriers in the "public disclosure bar," and relaxing the definition of "original source."
  • Drug, device and medical supply manufacturers must report all payments to physicians and teaching hospitals, which information will be publicly available.
  • Nursing homes must disclose their directors, officers and managing employees, organizational structure, and relationships with parties that provide services to, or exercise control over, the facility or its property (all of which will be made public).
  • Enhanced provider enrollment procedures include a licensure check across states, a criminal background check, fingerprinting and unannounced site visits.
  • Providers must disclose current and past " affiliations with other providers, and enrollment may be denied if they pose an undue risk of fraud, waste or abuse.
  • CMS will combine claims and payment " data from various federal agencies into a central repository to help identify fraud, waste and abuse.
  • HHS may suspend payments to any provider or supplier pending an investigation of credible allegations of fraud.
  • There is increased funding to investigate " and prosecute health care fraud.

Further, both the OIG's inspector general, Daniel Levinson, and chief counsel, Lew Morris, have recently stated that the OIG intends to pursue individuals whose companies have committed health are fraud and hold them personally accountable for the fraudulent conduct of their corporations.

Some recent government prosecutions against health care executives include claims against the former CEO and compliance officer of Community Memorial Hospital in California. He ultimately entered into a $64,000 settlement to resolve allegations that he violated the Civil Monetary Penalties Law and the Stark Law for personally negotiating arrangements with physicians that violated the Stark Law.

Also, in 2010, the Department of Justice (DOJ) filed suit against the former associate general counsel for Tenet Healthcare Corporation for allegedly violating the FCA by falsely certifying that Tenet was in compliance with the provisions of a Corporate Integrity Agreement, and failing to disclose that Tenet was violating the Stark Law by billing Medicare for impermissible referrals from 12 physicians. The lawsuit was dismissed because the claims were barred by the applicable statute of limitations; however, the case demonstrates the government's plan to continue to pursue health care executives (including in-house counsel).

The DOJ has also used its obstruction of justice power to bring charges against a former officer of GlaxoSmithKline alleging that the officer concealed documents requested by the FDA and provided false information about the company's alleged off-label use of the drug Wellbutrin.

Conclusions and Recommendations

The message is clear that, if the government has its way, individual liability is a looming and realistic possibility for health care industry executives. Regardless of the success of the government's pursuit of individual liability — so far, it has won some and lost some — the government had made it clear that it will continue to forge ahead and pursue individual executives in order to "set examples," deter improper conduct, encourage self-disclosures and voluntary settlements, and obtain substantial recoveries.

In order to lessen their potential exposure in light of this alarming trend, health care executives should consider the following:

  • Take an active interest in the company's " compliance program, and satisfy yourself that adequate resources are dedicated to the program and that the program is "effective" in detecting and preventing improper conduct.
  • Compliance officers should provide a " comprehensive report (in writing and in person) at least annually to both the board and senior management regarding the compliance department's activities and the overall effectiveness of the compliance program.
  • Every 2-3 years, the board and/or senior " management should engage an outside health care attorney or consultant to audit the effectiveness of the company's compliance program (with the full cooperation of the compliance officer/department), and thereafter, ensure that any recommendations for improvement are timely and fully implemented.
  • Senior executives should be involved in " decisions regarding appropriate corrective actions to take when noncompliance is identified and verified.

In sum, do not be the proverbial ostrich with your head in the sand. You could be held ultimately responsible for your company's wrongdoing, regardless of your direct involvement and/or acquiescence.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.