More dollars to battle healthcare fraud on the horizon

fraudHas your practice adopted a corporate compliance program? If not, now is the time to call your healthcare lawyer. That’s because if a proposed federal rule goes into effect a lot more money could be made available to catch those involved in fraud and abuse.

Health and Human Services Secretary Kathleen Sebelius just announced a proposal that would increase rewards for reporting fraud to $9.9 million. While that may sound like a lot, during the last three years the Obama administration has recovered nearly $15 billion in fraud, a big chunk of which came from individual whistleblowers.

Under the proposed changes, a person who provides specific information that leads to the recovery of money may be eligible to receive a reward of 15 percent of the amount recovered, up to nearly $10 million. HHS currently offers a reward of 10 percent up to $1,000 under the current reward program.

With that kind of money on the line, it could become more worthwhile and draw more potential whistleblowers from the woodwork.

Because of that Medicare providers and suppliers should adopt a strict corporate compliance program establishing a culture of compliance or risk the possibility of becoming the target of someone seeking a reward.

Current, future, and former employees, competitors, customers/patients, and vendors not only are potential but the most likely whistleblowers. And it’s not hard. It does not require that a whistleblower case be filed in federal court. They only need to provide useful information and then apply for the reward.

In addition to increasing reward compensation, the proposed rule would also strengthen certain provider enrollment provisions including allowing HHS to deny enrollment of providers who are affiliated with an entity that has unpaid Medicare debt, deny or revoke billing privileges for individuals with felony convictions, and revoke privileges for providers and suppliers who are abusing their billing privileges.

Providers and suppliers who receive reimbursement from Medicare should contact their legal counsel to review their current or proposed business arrangements and discuss the creation and implementation of a formal compliance plan. It could help them avoid becoming a target.

HHS issued a fact sheet on the proposed rule that further outlines the reward program proposals.

OIG Issues Updated Provider Self-Disclosure Protocol

An enlarged photo of a word "fraud"The Department of Health and Human Services Office of Inspector General this week issued an updated provider self-disclosure protocol (SDP) that gives healthcare providers guidance on how to disclose potential fraud, avoid prosecution, and mitigate potential penalties under its civil money penalty authority.

OIG first published the protocol in 1998 as a way for healthcare providers to disclose potential fraud involving federal healthcare programs. Since then, the OIG has resolved more than 800 disclosures resulting in more than $280 million in recoveries to federal healthcare programs.

Some of the most common issues providers disclose include:

  • Billing for items or services furnished by excluded individuals
  • Evaluation and management services and DRG upcoding
  • Duplicate billing
  • Alteration or falsification of records
  • Kickbacks and Stark Law violations

The SDP is organized to provide guidance on what submissions should include for specific types of conduct—improper claims, employment of, or contracting with, excluded individuals and violations of the anti-kickback statute.

Some new features include:

  • Minimum settlement amounts of at least $50,000 for self-disclosures involving kickback-related submissions and $10,000 for all other disclosures to reflect minimum civil monetary penalty (CMP) amounts for such violations.
  • Suspension of the obligation to report overpayments under section 1128J of the Social Security Act Waiver of statute of limitations defenses by disclosing parties.
  • Calculation of damages within 90 days of initial self-disclosure (formerly within 90 days of OIG’s acceptance of submission).
  • Minimum sample size of 100 units and the use of a mean point estimate for billing-related disclosures.
  • Express clarification that manufacturers may use the SDP if at least one of OIG’s CMP authorities is implicated by the conduct.
  • Express recognition of the various damage calculation methodologies that OIG has often used in resolving different types of disclosures (e.g., different damage calculation methodologies for excluded individual disclosures versus kickback-related disclosures)

OIG said it will issue further guidance after CMS issues the 60-day overpayment final rule.

Click here to read the full document.

Miami-Dade therapist sentenced to 4-years for Medicare fraud

Following her conviction on one count of conspiracy to submit false and fraudulent claims to Medicare through her employer — American Therapeutic Corporation (ATC) and a related company, American Sleep Institute — Nichole Eckert a mental health therapist has been sentenced to  four years in prison, followed by three years of supervised release. She also was ordered  to pay more than $72 million in restitution, jointly and severally, with her co-defendants for participating in a $205 million Medicare fraud scheme.

A doctor is being arrested for Medicare fraud.ATC, headquartered in Miami, operated partial hospitalization programs (PHPs) in locations in South Florida and Orlando. According to the U.S. Attorney’s press release, ATC secured patients by paying kickbacks to assisted living facility owners and halfway house owners who would then steer patients to ATC for PHP treatments.

The referred patients were found to be ineligible for the PHP treatments which  ATC billed to Medicare. Funds received from Medicare were laundered by some of the co-conspirators to create cash to pay kickbacks.

Eckert’s role was to fabricate patient files to substantiate Medicare claims and make it appear that ATC patients were qualified for PHP treatment. The false records also showed that patients were receiving the intensive, individualized treatment PHPs are supposed to provide.  Some or the patients were ineligible for PHP treatments. ATC, a related company, Medlink, and dozens of individuals have previously been convicted at trial or pleaded guilty for their participation in the scheme.

Healthcare Fraud – A $60 Million Business

According to a recent Associated Press article published in the New York Times, healthcare fraud is estimated to cost the federal government at least $60 billion a year. These losses are mainly to Medicare and Medicaid and are said to involve “everything from sophisticated marketing schemes by major pharmaceuticals encouraging doctors to prescribe drugs for unauthorized uses to selling motorized wheelchairs to people who don’t need them.”

Despite intensive and increasing regulatory oversight, there seems to be no end to it, with health care fraud increasing and more and more economic pressure placed on providers through decreased reimbursements to save costs. But, the government is working hard and utilizing new high-tech data analysis technologies which have enabled it to track Medicare fraud more efficiently by identifying billing spikes.

The federal government unsealed its indictment on Tuesday, February 28, 2012, of a Texas physician, Dr. Jacques Roy, and his office manager, who were arrested on charges of running a $375 million fraud scheme, the largest in history by an individual physician. The indictment charged that, over a five-year period, Dr. Roy certified 11,000 Medicare beneficiaries for home health services from more than 500 agencies for services that were not medically necessary or were not performed.

The patients were recruited by runners, including home health agency owners, who went door-to-door to recruit Medicare and Medicaid beneficiaries for home health services. He had people sign forms that contained the physician’s electronic signature and a representation that the physician had seen the beneficiaries in their homes.  Some recruiters were paid $50 for every signed form. Dr. Roy faces a maximum prison sentence of 100 years and over $18 million in fines and forfeitures. Millions in reimbursements to the home health agencies have been suspended and the agencies themselves who were knowingly involved in the scheme face exclusion from the Medicare program.

Healthcare providers who believe that they can skate under the radar undetected should be aware of the new tools being implemented by law enforcement to detect fraud. While they may find it easy to run around the statutes in the short run, they will be caught eventually and suffer draconian penalties which stiffen with each round of health care reform. On the other hand, because the various anti-fraud laws and safe harbors are complex and often counterintuitive, many providers unintentionally run afoul of the law without even knowing it, creating for themselves enormous overpayment obligations, fines, and possible prison time.

While most providers would never think of engaging in the fraudulent activities described in Dr. Roy’s indictment, many would be surprised to learn that transactions that are common within the business community, such as the payment of commissions for sales referrals, exchanging in-kind services for referrals of business, and similar transactions, may violate federal and state law.

We have found that most independent contractor arrangements among health care providers incorporate illegal or improper compensation terms, even though the parties intended to comply with the law. They, too, may find themselves ensnared in a legal tangle with government regulators which will be costly at the very least. That is why we encourage anyone engaged in the healthcare industry, either as a direct provider of healthcare services, or a vendor, to seek the counsel of a qualified health lawyer to review their transactions before they are formalized.


The Patient Brokering Act and fee-splitting

Q: I am a member of a group practice that leases the use of an MRI facility for a fixed monthly fee. I also contract with a radiologist outside of my group to provide the interpretation of the test. My physician group then bills an insurance company for the technical and professional components of the service. The group does not bill the Medicare or Medicaid programs. Is the group violating the law?

A: Yes. The type of arrangement that you described is commonly referred to as a “block lease.” If your group was billing the Medicare or Medicaid programs for this service you would likely be violating the Federal Patient Self-Referral Act ( the “Stark Law”) and the Medicare prohibition on marking up diagnostic tests. Many providers are under the mistaken belief that if they are not billing a federal program like Medicare, they do not have to comply with laws governing this type of relationship. In Florida, we have state laws such as the Patient Brokering Act and prohibitions on fee-splitting, which prohibits this type of block lease arrangement.

Click Here for a full story in PDF format.

What to do in case of patient record theft

Q: I am a physician and my office was recently broken into. The perpetrators stole several patient charts that included confidential medical information about my patients. What are my legal obligations to the patients whose records were stolen?

A: The stolen medical files likely contain private health information as well as private financial information. Federal and state laws require healthcare providers to respond when a patient’s record is lost or stolen. Fortunately, if the necessary steps are taken, a healthcare provider can typically avoid federal and state liability for a stolen patient record.

Click Here for a full story in PDF format.

Health Law Alert October 2008


CMS has proposed new rules in an effort to improve the quality of diagnostic testing services provided to Medicare beneficiaries by physician group practices and other physician entities. If enacted, these rules will require group practices that provide diagnostic testing services to Medicare beneficiaries to enroll as independent diagnostic testing facilities (IDTF’s) and to comply with many of the standards in effect for other IDTF’s. This will severely affect physician practices who presently furnish these services.

The current rules allow group practices and other physician entities to enroll as a “physician office” in order to avoid having to comply with the IDTF standards. If required to enroll as an IDTF, physician practices, including sole proprietorships, clinics and physician group practices, will be required to enroll as an IDTF for each practice location that furnishes diagnostic testing services. This may severely impact those physician groups who currently provide the services because they will be required to comply with most of the IDTF standards, including very restrictive supervision standards and other rigorous quality and performance standards. They will also be prohibited from sharing space with other Medicare suppliers.

Click Here for the full story in PDF format.

Health Law Alert Special Issue

We discussed in our recent October, 2008, Health Law Alert a proposal published by CMS that would require physician entities and group practices that provide diagnostic testing services to Medicare beneficiaries to enroll as independent diagnostic testing facilities (IDTF’s). After receiving an outcry of negative comments from affected groups and physicians, CMS, in its Final 2009 Medicare Physician Fee Schedule, abandoned his proposal. This is tremendous news for affected physician entities and groups because enrolling as an IDTF imposes rather rigorous compliance standards which are presently in effect for other IDTFs. Physician groups may continue to be enrolled as a “physician office” in order to avoid complying with the IDTF standards.

CMS did not completely rule out possibility of future rulemaking. According to CMS, “we are deferring the implementation of the [physician IDTF] proposals while we continue to review the public comments received on this provision and we will consider finalizing this provision in a future rulemaking effort if we deem it necessary.” However, as it stands now, except for mobile entities, physician entities and group practices that provide diagnostic testing services will not be required to enroll as IDTFs. CMS did, however, finalize regulations requiring enrollment for mobile entities that provide diagnostic services.

Look out for our November, 2008, Health Law Alert, coming soon. In that issue, we will outline a number of regulations affecting physician practices contained in the 2009 Medicare Physician Fee Schedule.

For a PDF version, Click Here.

Health Law Alert – November 2009


QUESTION: Can a health care provider charge interest on the late payment of deductibles, copayments, and coinsurance for private pay patients, patient’s insured through plans other than managed care plans, Medicare beneficiaries, or Medicaid recipients?

SHORT ANSWER: A health care provider may charge its private pay patients, its patients insured by managed care plans, its patients insured by plans other than managed care plans, and Medicare beneficiaries interest unless the relevant contract between the health care provider and the carrier specifically precludes charging interest.

DISCUSSION: Interest is assessed as of the date payment was due. For medical service copayments, payment is due on the date that services are rendered. For medical service coinsurance and deductibles, payment is due on the date that the coinsurance or deductible is ascertainable. That is, either upon verification from the patient’s insurance carrier or adjudication by the carrier and issuance of an Explanation of Benefits (“EOB”).

While Florida Statutes and Medicare are silent as to this narrow issue of whether a provider may assess interest for late payment of copayments, deductibles, and coinsurance, we believe that interest is the cost of extending credit, or a missed business opportunity, rather than an attempt to charge the patient in excess of the Medicare allowable. As long as the provider assesses interest for late payments of coinsurance, copayments, and deductibles indiscriminately and provided that the interest does not violate Florida’s usury laws (currently 18% simple interest per annum), charging interest on late payments should not violate federal laws.

It is our recommendation that providers add language regarding interest for late payments to their statement of financial responsibility and authorization to treat forms. But, if you are charging interest on payment plans, be careful to determine whether you qualify as a “creditor” under the pending FTC “Red Flag Rules” which are intended to guard against identity theft. See our brief article below. Please contact us if you would like our assistance with the drafting or modification of these forms.

The Federal Trade Commission, in its announcement released on October 30, 2009, once again, delayed enforcement of the “Red Flags” Rule until June 1, 2010 at the request of Members of Congress. The rule, which was supposed to have taken effect on November 1, 2009, was promulgated under the Fair and Accurate Credit Transactions Act. It is applicable to “financial institutions” and “creditors,” which have “covered accounts.” Entities subject to the Red Flag Rule are required to develop and implement written policies and procedures designed to identify, detect, and respond to certain indications of identity theft referred to by the FTC as “red flags.” Now,
with the new enforcement date delayed until June 1, 2010, financial institutions and creditors have until then to develop and implement their “Red Flag” policies and procedures.

For a copy of the FTC press release, visit our website at

What is a creditor? According to the FTC, a creditor is an entity that regularly accepts deferred payment for goods and services. If you regularly permit patients to pay for your professional services in multiple payments over time or pursuant to a payment plan, you may be a creditor in the eyes of the FTC and may be required to comply with the new Red Flag Rules. You may also be subject to the Red Flag Rules when you maintain medical and billing records containing the patient’s name, address, and other personal identifying and financial information. The standard is whether there is a reasonably foreseeable risk of identity theft associated with those records. Smallbusiness and sole proprietorship accounts are typically viewed as covert accounts that exhibit such risks. Accordingly, most medical practices should adopt procedures to enable them to identify and detect relevant warning signs (“red flags”) of identity theft. Please contact us if you need assistance in developing appropriate policies and procedures to comply with the Red Flag Rules

For a PDF version, Click Here.


Specializing in all areas of health law including fraud and abuse, bioethics, health care business transactions, HIPAA, compliance programs, pharmaceutical, managed care, clinical trials, medical staff issues, contracting and licensure issues.


(888) 491-1120