Top 10 Issues in Health Law 2023: Fraud & Abuse Issues to Watch
January 2023 I AHLA Health Law Connections I Christopher C. Sabis
For full article with citations, please visit this link:
If there was any pandemic-related slowing of DOJ’s fraud enforcement machine, then it has quickly regained steam. DOJ brought in $5.6 billion in total False Claims Act (FCA) settlements and judgments in 2021, and several of the Department’s stated priorities from February 2022 remain unchanged. We can expect continued enforcement activity in areas like opioids, managed care (Medicare Part C), and medically unnecessary services. Indeed, over $3 billion of the 2021 total came from two opioid-related resolutions, and a number of managed care providers paid significant amounts to settle allegations that they manipulated their risk adjustment scores to make their patients appear sicker than they were and increase their capitated payments. Some FCA issues merit specific attention going into 2023, including health IT, subregulatory guidance, and kickbacks.
DOJ has characterized health IT, including cybersecurity and Electronic Health Records (EHR), as a focus area. Cybersecurity has been at the core of many enforcement actions in recent years. For example, in September 2019, three individuals were indicted for conspiracy to breach a health care provider’s EHR system and steal protected health information. More broadly, EHR systems have been a source of significant FCA settlements, and the area continues to evolve. EHR-related fraud enforcement historically has centered on EHR donation fraud cases, allegations of false meaningful use (MU) attestations, and kickbacks relating to the adoption of particular EHR systems. The most recent EHR settlement is along similar lines. Some EHR-related FCA cases involve a different theory, alleging what I refer to as Substantive EHR Fraud. In these cases, a whistleblower or the government claim that the functions of the EHR system itself are causing or contributing to alleged fraudulent conduct, such as upcoding. It will be interesting to see what fraud enforcement actions arise in the health IT space in 2023.
Subregulatory guidance will continue to be debated in 2023. In the summer of 2021, Attorney General Merrick Garland issued a memorandum rescinding limitations on the uses of subregulatory guidance that DOJ had announced in the Sessions and Brand Memos. The Department subsequently deleted a section on subregulatory guidance from the Justice Manual that it had adopted to expand on and clarify the Brand Memo in particular. A revised version of Justice Manual Section 1-20.000 has not been released. It will be interesting to see if the Department provides additional details on the appropriate uses of subregulatory guidance in FCA cases or simply relies on the broader policies stated in the Garland Memo.
While these will be important topics in 2023, kickbacks remain the most prevalent area of DOJ civil and criminal enforcement. The telemedicine sector is a particular target of Anti-Kickback Statute (AKS) investigations. Alleged kickbacks in telemedicine have resulted in several enforcement actions, including a $64 million settlement related to a nationwide kickback conspiracy and a guilty plea in Kentucky relating to a conspiracy to pay and receive kickbacks in exchange for physician orders for cancer genomic testing.
An interesting case addressing the scope of the AKS is pending in the Middle District of Tennessee. There, the court denied a motion to dismiss kickback claims asserted by the plaintiff states. In doing so, the court ruled that the states could enforce the federal AKS through their respective state FCAs in relation to Medicaid beneficiaries’ incurred medical expenses (IME) payments for services not covered by the applicable state Medicaid programs. The ruling appears unprecedented and inconsistent with other federal law regarding the nature of IME payments. The outcome of this case could have significant implications for the breadth of AKS applicability. Stay tuned.
