Healthcare enforcement actions take multiple forms.
The most impactful are: 1) civil complaints under the False Claims Act; and 2) criminal indictments. The first can result in substantial damages and penalties, as well as the implementation of an onerous multi-year corporate integrity agreement. Defending an FCA complaint can be expensive and time-consuming, draining resources from a provider's normal operations. Yet, if a company has to pick one of these two outcomes, it is the preferred choice.
But healthcare companies don't get to pick their poison: the government does. And in deciding which of these avenues to pursue, federal prosecutors enjoy substantial discretion. There are plenty of egregious criminal cases - involving fake patients, appalling patient harm, or obviously fraudulent schemes - where both outcomes result.
This article focuses on a far more common scenario where the conduct falls near the boundary, and the question of whether to pursue the case criminally turns on a matter of degree. To be sure, there are wild cards that can impact that assessment process. Availability of investigative and prosecutorial resources and even the interests of a particular prosecutor can play an outsized role in determining the path an individual investigation takes. But for the most part, the framework applied to assess how the government proceeds is predictable and reliable. Understanding which factors get considered - and how they drive outcomes - can be invaluable in formulating a response.
Measuring the dimensions of the conduct
The goal here is to determine how "big" a violation the company committed. The spectrum of measurement runs from isolated instances of violations to that which is effectively systemic in nature. Within this framework, several key factors help to determine the size of the violation:
- Amount of financial harm - how much loss resulted to victims from the conduct (and how much gain did the company realize)?
- Number of violations - how frequently did this conduct occur?
- Nature of the violations - are these major activities requiring the involvement of multiple employees (particularly senior management)
- Geographic scope - if the company has multiple locations, are the violations isolated or has it metastasized to a larger number?
- Length of time - is the conduct limited to a brief period, or has it taken place over an extended period?
- Efforts to conceal - are those engaged in the conduct - particularly senior management - actively working to cover it up?
- Self-disclosure - did the company find this on its own, taking measures to rectify the harm and prevent recurrence?
Evaluating the company's preventative measures
In addition to knowing the size of the problem, the government must consider whether and to what extent the company tried to prevent it. To do that, the government looks to the compliance environment where the conduct occurred, overlaying the degree to which the company implemented a compliance program which tracked "The Seven Fundamental Elements of an Effective Compliance Program" as announced by the Department of Health and Human Services, Offices of Inspector General.
While updated and tailored to various sectors over the past several decades, these elements have remained largely consistent. They include:
- Designation of a compliance officer and compliance committee.
- Development of compliance policies and procedures, including standards of conduct.
- Developing open lines of communication.
- Appropriate training and teaching.
- Internal monitoring and auditing.
- Response to detected deficiencies.
- Enforcement of disciplinary standards.
The government's goal at this stage is to measure the authenticity of the company's preventative measures and responses to identified violations: did the company do what could reasonably be expected given the risks it faced or did just turn a blind eye to the risk of violations in an effort to maximize profitability?
Turning knowledge into action
While some percentage of the company's legal and compliance departments may have an intellectual curiosity about these issues, a far greater number should care because they recognize that "forewarned is forearmed." A company's prior knowledge of how it will be judged when problems arise furnishes a tactical advantage to avoid those problems altogether. At a minimum, understanding how those will be assessed, both qualitatively and quantitatively, provides a leg up on how to minimize the adverse consequences that may result.
This occurs through a candid assessment of the company's compliance structure. To determine whether the company has really done what can reasonably be expected, it should revisit (or, in some situations, undertake as an initial matter) its risk assessment. Investing time to determine the types of problems that can take root and spread - and understanding how that's likely to happen - can pay huge dividends when the company finds itself in the crosshairs (and even if it never does).
Bill Athanas practices at Waller where he represents companies and individuals in all facets of government investigations, including grand jury investigations and other government enforcement actions.