Leveraging CIAs as a compliance tool: Analyzing trends to identify and mitigate hospital compliance risks

By Samantha L. Groden, Talia Linneman, and Rebecca J. Merrill

Samantha L. Groden (samantha.groden@dentons.com) is a Senior Managing Associate in the San Francisco office; Talia Linneman (talia.linneman@dentons.com) is a Managing Associate in the Washington, DC, office; and Rebecca J. Merrill (rebecca.merrill@dentons.com) is a Partner in the Atlanta office of Dentons US.

This is the first in a series of articles reviewing corporate integrity agreements and related materials to identify trends in compliance risk. This article’s focus is on hospitals. Future articles on this topic will focus on medical practices, individual healthcare practitioners, and other types of healthcare providers and suppliers.

Recent government enforcement activity serves as an excellent tool for identifying potential risk areas with respect to federal healthcare program compliance and devising strategies to assess and manage those potential risk areas.

Identifying, monitoring, and addressing potential risk areas is a critical component of an effective compliance program. Indeed, the U.S. Department of Health & Human Services Office of Inspector General (OIG) recommends that healthcare organizations participating in federal healthcare programs will, on at least an annual basis, conduct a risk assessment and internal review process pursuant to which the organization will (i) identify and prioritize risks, (ii) develop and implement internal audit work plans related to identified risk areas, and (iii) develop and implement corrective action plans in response to the results of any internal audits performed.[1]

To identify potential risk areas, healthcare organizations can and should consider a variety of sources. Common sources include internal compliance reports, quality evaluations and metrics, the OIG’s annual work plans, and agency-directed audits and inquiries. A robust risk assessment also should include consideration of recent corporate integrity agreements (CIAs) imposed by the OIG, and related materials (e.g., settlement agreements, complaints, and news releases), as these sources provide a wealth of information regarding the agency’s priorities, areas of focus, and compliance programming and performance expectations.[2]

By understanding the circumstances under which the OIG has imposed a CIA, members of the healthcare industry can better understand the agency’s enforcement priorities and identify practices that may require closer scrutiny within their own organization. Unfortunately, while the OIG maintains a publicly available database of its active CIAs, which includes a list of the parties subject to the CIA, copies of each CIA, and, in most instances, corresponding news releases issued by the U.S. Department of Justice in instances where the CIA was part of a settlement,[3] the data is not organized in a way that easily allows for quantitative and qualitative analysis.

This article is the first in a series designed to equip healthcare organizations with actionable data on recent CIA enforcement activity, including identification of trends in the type of covered conduct and compliance activities that may be considered based on those trends. Because compliance risks and business priorities vary by provider type, each article in the series will focus on a particular type of provider or supplier. This article focuses on CIAs recently imposed on hospitals.

Trends among CIAs recently imposed on hospitals

During the period from January 1, 2020, through June 30, 2021, it appears that the OIG imposed six CIAs in which at least one of the parties was a hospital (each a hospital CIA and, collectively, the hospital CIAs).[4] All six hospital CIAs were imposed in connection with a settlement with the Department of Justice of one or more actions brought under the federal False Claims Act (FCA).[5] Notably, several of these settlements also include the state attorney general and/or other state authorities as parties in connection with a settlement of actions brought under the state equivalent of the FCA.

A study of the hospital CIAs noted above, as well as the corresponding settlement agreements and underlying complaints detailing the actions at issue, presents certain trends to the committed observer. In particular, and as detailed further below, the hospital CIAs provide insights into potential risks arising from (i) financial relationships between hospitals and specialty physician groups, (ii) services provided by inpatient psychiatric hospitals, and (iii) provider-based status. The specific allegations underlying these hospital CIAs, and the associated compliance obligations imposed through them, can be leveraged as valuable informational tools for hospitals when developing risk management and compliance strategies.

1. Alleged improper financial relationships between hospital and specialty physician group

For three of the hospital CIAs, the underlying FCA action(s) concerned allegations of an improper financial relationship between the hospital and a specialty physician practice that served as a potential referral source for the hospital.

For example, one hospital CIA arose from a settlement involving alleged violations of the federal Anti-Kickback Statute and federal Physician Self-Referral Law (Stark Law) in connection with the acquisition by a Tennessee-based acute-care hospital of a physician practice specializing in cardiology.[6] Concurrent with the acquisition, the hospital entered into individual employment contracts with the cardiologists and a management services agreement with the cardiology practice. The United States and the State of Tennessee alleged that, through these arrangements, the hospital (i) paid remuneration to the cardiologists to induce referrals of Medicare and Medicaid patients to the hospital (in violation of the Anti-Kickback Statute), and (ii) directly or indirectly paid compensation to the cardiologists that was in excess of fair market value and/or took into account the volume or value of the cardiologists’ referrals of designated health services to the hospital (in violation of the Stark Law). In the relator’s complaint, the relator emphasized that (i) the cardiology practice operated at a substantial loss (e.g., around $5 million in fiscal year 2015), and (ii) the hospital’s CEO explicitly justified these losses by stating (in meetings of the hospital finance committee) that the cardiology practice’s losses were more than offset by downstream income from the cardiologists’ referrals. Notably, the complaint also states that, on September 18, 2015 (almost two months prior to the date that the relator filed his complaint), the hospital’s director of management operations was notified by Centers for Medicare & Medicaid Services that it was requesting a significant number of the cardiology practice’s patient records for review, which may suggest that the government conducted its own investigation of the arrangement. This inference appears supported by the fact that the relator’s complaint did not provide much detail regarding the arrangement between the hospital and the specific cardiology practice that was the subject of the settlement agreement; rather, the complaint focused on the hospital’s relationships with other physician groups (which were not included in the settlement.)[7]

Similarly, a hospital CIA imposed on a California-based healthcare system arose from a settlement involving alleged violations of the Anti-Kickback Statute (and its California Medicaid equivalent) in connection with the acquisition of a cardiology practice and surgical center.[8] The CIA was imposed on the healthcare system’s directly and indirectly wholly owned subsidiaries that provide acute hospital inpatient services. This CIA also involved a settlement of allegations that services were provided and billed by a provider whose Medicare and Medi-Cal billing privileges had been revoked, although this issue was not addressed in the relator’s complaint, and altering of invoices for medical devices, which allegedly inflated the reimbursement amount paid by Medi-Cal and certain other programs, not including Medicare. Notably, this CIA superseded and replaced a CIA entered into between a subset of the healthcare system’s entities and the OIG on August 3, 2018.[9]

Specifically, an affiliate of the healthcare system acquired a cardiology practice and surgical center owned by a local cardiologist. According to the complaint, the practice and surgical center served as competitor of one of the healthcare system’s hospitals.[10] In connection with this transaction, the cardiologist became an employee of the healthcare system affiliate.[11]

The following allegations appear to have been significant:

  • The purchase price paid by the healthcare system affiliate for the cardiologist’s practice and surgery center allegedly exceeded fair market value and was based on, or took into account, the volume and/or value of the cardiologist’s referrals to the hospital. In his complaint, the relator alleged that the purchase price paid by the affiliate ($10 million to be paid over ten years) far exceeded the value of the assets purchased ($1.3 million, not taking into account liabilities), allegedly leading to the conclusion that most of the purchase price was payment to induce the cardiologist to refer his patients to the hospital.

  • Immediately after the acquisition, the healthcare system affiliate shut down the surgery center (which competed with the hospital for cardiac procedures), despite the surgery center being a profitable business and a significant source of revenue for the affiliate. This appears to have caused the United States and the State of California to question the commercial reasonableness of the acquisition and surgery center closure.

  • The salary ($1.2 million) paid to the cardiologist for his professional services allegedly was based on, or took into account, the volume and/or value of his referrals to the hospital. In his complaint, the relator alleged that the cardiologist was paid twice as much as his peers at the healthcare system, and that the cardiologist’s salary was substantially above the 90th percentile compensation ($733,541) reported by the American Medical Group Association for cardiologists in 2017.[12]

Finally, a third hospital CIA arose from a settlement involving alleged violations of the Anti-Kickback Statute and Stark Law pertaining to various arrangements between an Oklahoma-based surgical hospital and a physician practice consisting of orthopedic surgeons. At the time, several of the physician practice’s orthopedic surgeons were owners of the surgical hospital.[13] The United States and the State of Oklahoma found the following alleged arrangements to be problematic:

  • The surgical hospital allegedly provided certain of the orthopedic surgeons with office space, employees, and supplies that were free or below fair market value.[14] For example, according to the relator’s complaint, the surgical hospital allegedly paid the majority of the cost of personal medical assistants for two of the practice’s orthopedic surgeons, who reportedly were significant referral sources for the hospital; in the ordinary course, these costs would have been borne directly by the orthopedic surgeons. The relator also alleged that the surgical hospital provided office space, at no charge, to one of the orthopedic surgeon’s employees, who used the space to manage the orthopedic surgeon’s personal business interests and personal affairs.

  • The surgical hospital also allegedly paid compensation in excess of fair market value for the services furnished by the physician practice and certain of its orthopedic surgeons. This allegation does not appear to have been addressed in the relator’s complaint, and thus may have arisen from an investigation conducted by the government.

  • It also was alleged that two of the practice’s orthopedic surgeons were provided with buyback provisions and payments in their equity in the surgical hospital that were above fair market value. In particular, the relator alleged that the orthopedic surgeons, as significant referral sources for the hospital, were given preferential buyout arrangements, pursuant to which they were allowed to sell, on an annual basis, a limited amount of their equity in the surgical hospital to one of the surgical hospital’s corporate owners for a 6.5 multiple of earnings before interest, taxes, depreciation, and amortization; no other physician-owner of the hospital had this special buyout arrangement.

2. Alleged false claims for services provided by inpatient psychiatric hospitals

While three of the hospital CIAs arose from FCA actions largely predicated on alleged violations of federal healthcare program fraud and abuse laws, two other hospital CIAs arose from FCA actions predicated on false claims for services billed by inpatient psychiatric hospitals (as well as other behavioral health facilities).

One hospital CIA arose from multiple FCA actions alleging that a nationwide healthcare system and its numerous acute-care inpatient psychiatric hospitals and other behavioral health facilities submitted or caused to be submitted false claims for services provided to beneficiaries of Medicare and other federal health programs.[15] Specifically, the United States alleged that these claims were rendered false by the following alleged conduct:

  • Admission of beneficiaries who were not eligible for inpatient or residential treatment (as applicable);

  • Failure to properly discharge beneficiaries when they no longer met the applicable medical necessity criteria for the psychiatric treatment;

  • Improper and excessive lengths of stay;

  • Failure to provide adequate staffing, training, and/or supervision of staff;

  • Billing for services not rendered;

  • Improper use of physical and chemical restraints and seclusion; and

  • Failure to provide inpatient acute or residential care in accordance with federal and state regulations, including, but not limited to, failure to develop and/or update individualized assessments and treatment plans, failure to provide adequate discharge planning, and failure to provide required individual and group therapy.

The healthcare system denied these allegations.

A second hospital CIA arose from allegations that two Ohio-based inpatient psychiatric hospitals and their corporate parent submitted or caused to be submitted false claims to Medicare for inpatient hospital stays for psychiatric services.[16] The United States alleged that these claims were false (among other allegations) because the underlying psychiatric services were medically unnecessary. As alleged in the relator’s complaint, the inpatient psychiatric hospitals employed former patients, referred to as “marketers,” to identify and entice indigent Medicare beneficiaries into voluntarily admitting themselves into the hospital’s facilities with false promises of food, shelter, and/or treatment for drug addiction.[17] The relator further alleged that the inpatient psychiatric hospitals used threats of “judicial hospitalization” and coercion to keep admitted patients at the facility.

3. Alleged false claims pertaining to provider-based status

The covered conduct underlying the sixth hospital CIA does not appear to share commonalities with the other five hospital CIAs discussed above. That said, one of the allegations—pertaining to the provider-based statute—is notable. Specifically, the United States and the State of Florida alleged that an academic healthcare system submitted false claims to Medicare and other federal healthcare programs because (among other reasons) its off-campus clinics submitted claims as if they were hospital-based (i.e., using site-of-service code 22 to attest that the service was hospital based) when they allegedly failed to comply with beneficiary notice requirements (pertaining to coinsurance liability) under Medicare provider-based rules located at 42 C.F.R. § 413.65 .[18] As set forth in one relator’s complaint, while the healthcare system’s clinics provided a notice to Medicare beneficiaries, the notice allegedly was deficient because it merely stated that the beneficiary “may” be seen in a provider-based clinic, but did not state (as required under 42 C.F.R. § 413.65(g)(7) ) the amount of the beneficiary’s potential financial liability or an explanation that the beneficiary “will” incur a coinsurance liability to the hospital that they would not incur if the facility were not provider based.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings