The decision could set a precedent for future FCA cases. What matters most under the new landscape is not how a state or federal government labels relevant laws or requirements for payment, but whether the defendant knowingly violates a condition it knows to be material to the Medicaid payment decision. Failure to disclose such a violation could leave the organization non-compliant with the FCA.
The ruling settles the case of Universal Health Services, Inc. v. United States ex rel. Escobar. At the center of the case, a UHS subsidiary, Arbour Health Services, provided mental health services to the Escobars’ daughter, a teenager who died after suffering a seizure in reaction to medication Arbour prescribed. Under the FCA, the Escobars filed a whistleblower suit, known as qui tam, against Arbour, alleging that it had defrauded the government by a lie of omission: failing to disclose that few of their employees were even licensed to provide mental health counseling, to prescribe medications or to offer counseling without supervision.
Its non-compliance with state credential requirements, the Court explains, was “so central to the provision of mental health counseling that the Medicaid program would have refused to pay these claims had it known of these violations.” So while Arbour indeed provided the services it submitted a claim for—in this case, mental health treatment—it defrauded the government by knowingly misrepresenting the quality of that care.
The Court’s FCA decision will have outsized implications for compliance in healthcare, an industry with considerable risk and in many cases, systemically inefficient.
First, as reimbursement methods are overhauled to tie more Medicare and Medicaid reimbursements to quality of care, income for providers will depend on value-based outcomes that they’ll have to validate. Providers will have to demonstrate, explicitly or implicitly, evidence that their treatment is compliant with clinical protocols—a difficult feat in an industry in the midst of re-defining standards of care, often across multiple collaborating providers: providers will be held accountable for their partners’ protocols and standards of care, too. This shift to quality over quantity of care, whereby providers can now be held liable for non-compliance with regulations inexplicit in terms of payment, exposes them to significant penalties under the FCA.
Second, the decision does not recognize FCA complaints filed over inconsequential, or non-material, regulations. But while the Court defines material in multiple ways, it still leaves much room for interpretation. Courts will have to decide whose definition of material is correct: the defendant’s or the plaintiff’s. Depending on individual outcomes, the decision could prove costly for providers.
Third, in light of the Court’s ruling, the definition of a false claim now casts a longer shadow. Providers will likely see an increase in fraud investigations, and an expansion of the scope of allowable discovery in FCA cases beyond misrepresentations of expressly labeled conditions of payment. To argue for or against materiality will require a deeper look at past precedent and may include any evidence of deficiencies in regulatory guidance or standards of practice that would have impacted the government’s decision to pay the claim. The heavier discovery burden will force stragglers to get on board with advanced technologies, such as data analytics and visualization or technology assisted review, in order to gather and comprehend the entire universe of relevant evidence efficiently and effectively.
As both the Court’s ruling and the Justice Department’s recent takedown of 300 suspects charged with defrauding Medicare show, claims under the FCA are only going to increase in this new world of quality-based healthcare. Providers with a static compliance program will leave themselves open to false claims accusations, not only from whistleblowers but also potentially from states looking to make up for budget shortfalls by tapping providers.
To mitigate compliance risk under the new FCA landscape, providers would be well-advised to take the following steps sooner rather than later and work with both regulatory counsel and advisors. Essentially, act as if you are acquiring your business—what type of compliance due diligence would you perform?
Such would include:
- performing and updating compliance risk assessments, mapping specific compliance requirements to relevant preventive and detective internal controls
- requiring regular compliance training
- examining policies and procedures, integrating them with clinical protocols and making “standard of care” clear
- hiring quality counsel to monitor constantly changing regulations and their implications for your facilities
- establishing an Information Governance program with clearly defined data retention and deletion policies to facilitate a timely response in the event of a whistleblower complaint or external investigation and avoid spoliation charges
- self-disclosing any violations
BDO assists healthcare facilities in navigating these complex compliance issues through system strategy redesign, process optimization, proactive and investigative data analytics, and contract management strategy. Our seasoned professionals include healthcare executives, clinical practitioners, forensic technologists, auditors and regulatory specialists.