HHS Report Reveals Biggest Enforcement Targets of Healthcare Fraud

Enforcement actions against healthcare fraud are on the rise, according to a new report conducted by the Office of Inspector General for the Department of Health and Human Services. The report identified “significant problems, abuses, and deficiencies,” relating to the administration of HHS programs, including Medicare and Medicaid.

The report also offers compliance departments at healthcare companies that provide products and services to the government an important glimpse into what regulators will be focused on in the coming year, through the OIG Work Plan.

Among the most common healthcare fraud schemes identified in the HHS-OIG report include providers or suppliers billing for services or supplies not provided, or not medically necessary; intentionally billing for a higher level of services than provided; mis-reporting data to increase payments; or paying kickbacks to providers for referrals of a certain product or service.

The report serves as a warning to hospitals, medical practices, nursing facilities, pharmaceutical makers, and medical device makers that enforcement efforts against fraud in the healthcare industry are on the rise. In the first quarter of 2013, the OIG obtained an estimated $3.8 billion in total recoveries, including $3.28 billion resulting from Medicare and Medicaid investigations and $521 million from audits.

Unlike civil enforcement actions, which have remained pretty consistent over the last few years, the report also shows a steady rise in criminal actions over the last few years. The OIG brought 647 enforcement actions in fiscal year 2010; 723 enforcement actions in fiscal year 2011; and 778 enforcement actions in fiscal year 2012.

Another trend the report identified is the increasing dollar amount of many settlements and sanctions, says Sarah Crotts, a lawyer with Womble Carlyle. According to the report, investigative receivables obtained from the OIG totaled $3.8 billion in fiscal year 2010; $4.6 in fiscal year 2011; and $6 billion in fiscal year 2012.

Even though the work plan offers companies a framework for where to focus their compliance reviews, says Judy Waltz, a partner with Foley & Lardner, the semiannual report offers actual audit results where particular vulnerabilities have been identified. “Looking at these audit results is every bit as important as looking at the OIG Work Plan, which tells what audits they're planning to undertake during the coming year,” Waltz says.

Inspector General Daniel Levinson said the results reflect a greater degree of cooperation among federal, state, and local law enforcement. “OIG continuously looks for ways to enhance the relevance and impact of our work by engaging and working with our internal and external stakeholders,” Levinson said in a statement.

At the core of these cooperation efforts is the Health Care Fraud Prevention and Enforcement Action Team (HEAT) initiative. Established in May 2009, HEAT is a joint initiative between HHS and the Department of Justice with the mission to prevent and deter fraud, waste, and abuse in the healthcare system.

As part of that initiative, investigations conducted by HEAT's Medicare Fraud Strike Force have resulted in the filing of charges against 148 individuals and entities; 139 criminal actions; and $193.7 million resulting from investigations in the first quarter of 2013.

Data Analytics

Another recent enforcement development by healthcare regulators is the use of sophisticated data analysis tools by HEAT's strike force teams, which could further increase the number of enforcement actions. The analytical tools are used in combination with intelligence gathered from agents in the field and vulnerabilities identified in audits to identify fraud schemes and trends. “All this goes into planning our enforcement activities,” Larry Goldberg, OIG's principal deputy inspector general, said during a recent Webcast on the agency's Website.

“Looking at these audit results is every bit as important as looking at the OIG Work Plan, which tells what audits they're planning to undertake during the coming year.”

—Judy Waltz,

Partner,

Foley & Lardner

“Data analytics has become a growing part of our work,” said Gary Cantrell, OIG's deputy inspector general for investigations, who also spoke during the Webcast.

The proliferation of electronic health records has made it easier for enforcement agencies to cull large volumes of data, says Kenya Woodruff, of counsel in the healthcare practice group of Haynes and Boone. As a result, they are able to detect large over-payments or consistent issues much more quickly, she says.

With the massive amounts of data mined, efforts by HEAT's teams have resulted in over $887 million from investigations and more than 800 criminal actions since 2007 through the first quarter of 2013.

FCA Risks

One of the biggest fraud hotspots under the HEAT initiative, for example, includes violations of the False Claims Act (FCA). Since January 2009, the Justice Department has reported total recoveries of more than $14.7 billion in FCA cases.

The pharmaceutical industry has been a particular target of FCA enforcement actions, commonly resulting from off-label marketing—the promotion of a drug to treat some illness without the Food & Drug Administration's specific approval.

Among the largest settlements identified in the OIG's report, Abbott Laboratories last year agreed to pay $1.5 billion to the OIG and Justice Department over allegations that it illegally promoted the drug Depakote for the treatment of schizophrenia and aggression and agitation in elderly dementia patients. As part of that settlement, Abbott also entered into a five-year corporate integrity agreement (CIA).

In another case cited by the OIG, drug maker Amgen agreed to pay $762 million to resolve charges arising from the sale and promotion of its anemia drug Aranesp. According to the allegations, Amgen promoted uses that were not approved by the FDA; offered illegal kickbacks to influence healthcare providers to select and use its products; and engaged in false price reporting practices. As part of the settlement, Amgen agreed to pay a criminal fine and forfeiture amount of $150 million and entered into a CIA in which it agreed to strengthen its compliance program.

INSIGHTS FROM THE OIG REPORT

Below is a summary of accomplishments from the Department of Health and Human Services.

For the first half of FY 2013, we reported expected recoveries of about

$3.8 billion consisting of over $521 million in audit receivables and about

$3.28 billion in investigative receivables, which includes $642.3 million

in non-HHS investigative receivables resulting from our work in areas such as the States' shares of Medicaid restitution.

We reported exclusions of 1,661 individuals and entities from participation in Federal healthcare programs; 484 criminal actions against individuals or entities that engaged in crimes against HHS programs; and 240 civil actions, which include false claims and unjust-enrichment lawsuits filed in

Federal district court, civil monetary penalties (CMP) settlements, and administrative recoveries related to provider self-disclosure matters.

Health Care Fraud Prevention and Enforcement Action Team

The Health Care Fraud Prevention and Enforcement Action Team (HEAT) was started in 2009 by HHS and the Department of Justice (DoJ) to strengthen programs and invest in new resources and technologies to prevent and combat healthcare fraud, waste, and abuse. HEAT has continued with increasing momentum to identify and hold accountable those who seek to defraud Medicare and Medicaid.

Medicare Strike Force Teams

Medicare Fraud Strike Force teams coordinate law enforcement operations

conducted jointly by Federal, State, and local law enforcement entities. The teams, now a key component of HEAT, have a record of successfully analyzing data to quickly identify and prosecute fraud. The Strike Force began in March 2007 and is operating in nine major cities.

Strike Force Accomplishments—During the first half of FY 2013, Strike Force efforts resulted in the filing of charges against 148 individuals or entities, 139 criminal actions, and $193.7 million in investigative receivables.

Nationwide Takedown—In October 2012, Medicare Fraud Strike Force operations in 7 cities led to charges against 91 individuals, including doctors, nurses, and other licensed medical professionals, for their alleged participation in Medicare fraud schemes involving approximately $429.2 million in false billing. HHS also suspended or took other administrative action against 30 health care providers based upon credible allegations of

fraud.

Strike Force Case—15 defendants were sentenced to a combined 183 Years in Prison for their roles in a $205 million Medicare fraud scheme.

According to the indictment, the American Therapeutic Corporation (ATC) and the American Sleep Institute (ASI) submitted false and fraudulent claims to Medicare for services that were medically unnecessary,

were not eligible for Medicare reimbursement, or were never provided.

ATC paid up to approximately $500,000 monthly in kickbacks in exchange for the recruitment of Medicare beneficiaries for purported mental health therapy and sleep study services at ATC and ASI. The 15 defendants

were also ordered to pay $87 million in restitution, joint and several, as

well as $37,000 in fines.

Source: OIG.

Another significant FCA risk for pharmaceutical and medical products companies stem from overpayments by Medicare. If a healthcare provider identifies billing mistakes in the course of an audit, it has 60 days to refund any over-payments, or risk fraud liability under the FCA.

Having an audit system that can detect questionable billing practices is one way to reduce the risk of running afoul of HHS rules, says Kathleen McDermott, a partner in the law firm Morgan Lewis & Bockius and a former federal healthcare prosecutor. Management and boards should be asking how effective their compliance programs are when it comes to auditing and monitoring processes and procedures, she says.

The starting point is to perform an internal audit of all of the company's transactions, particularly those that involve physicians, Crotts says. “That's a big ordeal; it's not something that most have the time or the resources to do, but it's the simplest way upfront to find a problem rather than wait for a problem to come to light in a big way,” she says.

Payment arrangements between hospitals and physicians are often a common focus of the OIG's enforcement efforts, because physicians are the ones to refer patients, but non-physicians can pose problems as well, says Tony Brett, a lawyer with Womble Carlyle. “You can potentially have kickback problems with any company or person that provides a good or service to a hospital, so you really have to look at all your vendor relationships,” he says.

McDermott recommends that healthcare entities move to a centralized procurement process, where they're tracking such arrangements. They should also annually review these arrangements to ensure they're up-to-date on the latest healthcare rules and regulations, she says.

Effective auditing and monitoring also means practicing “consistent communication, awareness, and collaboration” among all the different divisions and personnel within the healthcare entity, says Woodruff. If employees don't feel that they have an avenue for which to report concerns, “you may be missing a real opportunity to address an issue at the onset,” she says.

The report also reported exclusions of 1,661 individuals and entities from participation in federal healthcare programs; 484 criminal actions against individuals or entities that engaged in crimes against HHS programs; and 240 civil actions.

“The numbers make this a very lucrative activity for the government,” says Waltz. Enforcement continues to be a big priority for the OIG and will continue to be for the foreseeable future.