The risks associated with serving as a compliance officer for a healthcare organization appear to have become more serious. The United States Department of Justice has filed a civil complaint against former Tenet General Counsel and Compliance Officer Christi Sulzbach. The complaint seeks millions of dollars of damages from Ms. Sulzbach personally as a result of a certification she filed with the Office of Inspector General. Interestingly, the Government alleges that every Medicare claim filed by Tenet after her certification constitutes a false claim and creates an opportunity for treble damages and significant civil penalties. The Government asserts that Ms. Sulzbach is personally liable for these damages even though she personally did not participate in the underlying wrongdoing. Ms. Sulzbach’s alleged wrongdoing originated with her signing and submitting annual certifications under a Corporate Integrity Agreement for 1997 and 1998 to the Department of Health and Human Services (HHS) concerning her employer’s compliance with applicable federal healthcare statutes and regulations, including the Stark and Anti-Kickback Statutes. Ms. Sulzbach certified to HHS that Tenet and its various hospitals were in material compliance with these provisions to the best of her knowledge and belief. Unfortunately, after this certification, as a result of a qui tam action by a former Tenet employee, Tenet paid a significant settlement amount with respect to the payment for referrals to certain physicians during 1997 and 1998 at one of Tenet’s hospitals. In conjunction with this settlement, Tenet released communications to Ms. Sulzbach from Tenet outside counsel that indicated that she knew that these payments violated the Stark Act when she made the annual certifications. The Stark violations concerned employment contracts with twelve physicians at Tenet’s North Ridge Medical Center in Fort Lauderdale, Florida. The Medical Center paid these physicians at salaries well in excess of fair market value and incurred a significant loss in the difference between these compensation levels and overall physician collections. Financial analyses created by Tenet and discovered by HHS indicated that the hospital’s main objective in the employment arrangement with the physicians related to revenue from laboratory outpatient referrals from the physicians once they became hospital employees. In violation of the Stark Act, North Ridge billed Medicare for these outpatient laboratory procedures after the physicians were employed at more than fair market value. Prior to her 1997 certification to HHS and in response to an employee complaint, Ms. Sulzbach hired outside counsel to review the employment contracts for these twelve physicians. An outside law firm sent her a report and determined that the physician compensation in this situation was linked to laboratory referrals made by the physicians and that a number of the physicians were paid more than fair market value for their services. Despite that report, Ms. Sulzbach made an overall certification of material compliance for Tenet in 1997 and 1998. It is this certification that caused the Government to seek personal recovery from Ms. Sulzbach for every Medicare claim submitted by Tenet after this certification. There is no evidence that Ms. Sulzbach caused or participated in the employment of the twelve physicians with North Ridge. The physicians’ contracts dated back to 1993 and were executed before Ms. Sulzbach became general counsel. Furthermore, Ms. Sulzbach was based in California and was not typically involved in physician contracts for each of Tenet’s many hospitals. There is evidence that Ms. Sulzbach directed that the physician contracts be modified or terminated after she received the memoranda from outside counsel. Unfortunately, however, these contracts were not actually terminated until early 1999. There are a number of important lessons from this prosecution for any compliance officer in a healthcare organization, even one of a size much smaller than Tenet’s. First of all, a compliance officer needs to understand that his or her actions or inactions can create personal liability. Although the Sulzbach prosecution involved a corporate integrity agreement, there is no guarantee that the government will limit its efforts to healthcare companies with such agreements. This potential liability means that compliance officers must confirm that they are adequately covered by their employer’s directors and officers’ policy and are otherwise indemnified for their conduct. Secondly, compliance officers must be confident that they are being taken seriously by their organizations. If they become aware of a potential problem, they must ensure that their employer will provide the resources and follow-up to investigate and remediate compliance problems. As compliance officers, they are accepting responsibility for identifying and ending illegal activities. Mere recommendations for corrective action are insufficient. Thirdly, compliance officers must understand any certification or report being submitted to a state or federal governmental entity by the compliance officers for their organizations. Compliance officers should be reluctant to sign any document unless they fully understand its contents and have taken the requisite steps to confirm its accuracy. Colin H. Luke is the Chairman of Balch & Bingham, LLP's Health Law Practice Group. January 2008