OIG's Fraud Risk Indicator: Strategic implications for resolving exclusion liability

By Patrick Garcia

Patrick Garcia (pgarcia@hallrender.com) is an attorney with Hall, Render, Killian, Heath & Lyman PC in Annapolis, MD.

The Office of Inspector General for the U.S. Department of Health and Human Services (OIG) recently unveiled the use of a new tool called the Fraud Risk Indicator. OIG’s stated purpose behind this new initiative is to provide more transparency to industry stakeholders (e.g., patients, family members, healthcare industry professionals) regarding OIG’s risk assessment of a party to a False Claims Act (FCA) settlement and where that particular party falls on the OIG exclusion risk spectrum in cases where there is no corporate integrity agreement (CIA).

OIG has the authority to exclude any individual or entity from participation in the federal healthcare programs if they engage in certain healthcare fraud conduct. The government’s primary tool for enforcing healthcare fraud violations is the FCA. Most FCA cases where the government alleges fraudulent conduct are resolved through settlement agreements in which the settling parties do not admit liability. OIG’s permissive exclusion authority under section 1128(b)(7) of the Social Security Act[1] is oftentimes implicated in the context of FCA healthcare fraud cases, because conduct that allegedly violates the FCA can also trigger exclusion liability. As a result, OIG is typically a party to FCA healthcare settlements in order to resolve its permissive exclusion authority. In determining whether it should exercise discretion under its exclusion authority, OIG evaluates future risk to the federal healthcare programs based on information gathered during the FCA case and applies certain factors and exclusion criteria[2] to assess where a settling party falls on the OIG risk spectrum (see Figure 1).

Figure 1: Risk spectrum

The OIG risk spectrum contains five different categories, and exclusion authority is resolved differently for each level of risk. OIG laid out the risk spectrum for the first time in its April 2016 exclusion authority criteria.[3] At the lowest level of risk, OIG releases its exclusion authority when a party self-discloses the conduct. The next category, in which OIG does not release its authority but takes no further action, is reserved for situations either involving successor liability or relatively low financial harm in the absence of egregious conduct. At a medium risk level, OIG determines that an integrity agreement (CIA) is appropriate to protect the federal healthcare programs and beneficiaries, and the party agrees to enter into a CIA in exchange for a release of OIG’s exclusion authority. At what OIG terms “High Risk – Heightened Scrutiny,” OIG determines that a CIA is necessary to protect the program, but the settling party did not agree to one. And finally, at the highest risk level, OIG will pursue exclusion.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings