With the release of the online submission form, parties
submitting a disclosure through the SDP now have the option to
submit either a written disclosure or use the online form.
The online submission form may provide some advantages over
traditional written submissions because, as the OIG indicates on
its website, the "interactive form will guide you through
making a complete disclosure." The online form includes
steps to input information such as the disclosing entity's
information, the representative's information, and the
disclosure itself. Submitting parties also have an
opportunity to complete a final review before submitting the
However, utilizing the online submission form will not relieve
the submitting party of any burden under the SDP because online
submissions must still comply with the SDP's
requirements. Self-disclosures through the SDP must be highly
detailed and the substantial effort to complete a thorough
investigation of any potentially unlawful conduct before making a
disclosure remains unchanged.
Also of note for individuals and entities considering a
disclosure, the OIG offers the following guidance on the first
page of the online submission form:
"OIG endeavors to work cooperatively with disclosing
parties who are forthcoming, thorough, and transparent in their
disclosures in resolving these matters. While OIG does not speak
for the Department of Justice or other agencies, OIG consults with
those agencies, as appropriate, regarding the resolution of SDP
"During our review and resolution of these matters, OIG
will comply with the Freedom of Information Act (FOIA)."
"SDP submissions must conform to the requirements outlined
in the OIG guidance. Incomplete or premature submissions may
Parties considering whether to make a disclosure often weigh
whether the disclosure could be obtained through a FOIA request and
whether the OIG will consult with DOJ regarding the disclosed
conduct. The OIG provides some limited guidance on these
issues, which will be of interest to parties contemplating a
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
The American Bar Association Health Law Section’s July 2014 eSource publication includes an article by Dianne Bourque, Kimberly Gold, and me that provides examples of how risk assessments under the Breach Notification Rule have changed since the HIPAA Omnibus Rule went into effect in September 2013.