OIG Issues Proposed Rule on Civil Money Penalties

On April 21, 2020, the U.S. Department of Health and Human Services, Office of Inspector General (HHS-OIG) issued a Proposed Rule amending civil money penalty (CMP) regulations. This Proposed Rule seeks to address three topics:

  • The amendment of the Civil Monetary Penalties Law (CMPL), 42 U.S.C. § 1320a-7a, by the 21st Century Cures Act (Cures Act), authorizing HHS to “impose CMPs, assessments, and exclusions upon individuals and entities that engage in fraud and other misconduct related to HHS grants, contracts, and other agreements.”
  • The amendment of the Public Health Service Act (PHSA), 42 U.S.C. § 300jj-52, by the Cures Act, authorizing HHS-OIG to “investigate claims of information blocking” and providing the Secretary of HHS (Secretary) authority to “impose CMPs for information blocking.”
  • The increase in penalty amounts under the CMPL, effected by the Bipartisan Budget Act of 2018 (BBA 2018).
Grants, Contracts, and Other Agreements

Under the Proposed Rule, HHS-OIG will have broad-sweeping authority to impose CMPs, assessments, and exclusions relating to fraud and other misconduct relating to grants, contracts and other agreements. Specifically, HHS-OIG may impose CMPs, assessments, and exclusions of an individual or entity who:

  1. “knowingly presents or causes to be presented a specified claim… under such grant, contract, or other agreement that the person knows or should know is false or fraudulent”;
  2. “knowingly makes, uses, or causes to be made or used, any false statement, omission, or misrepresentation of a material fact in any application, proposal, bid, progress report, or other document that is required to be submitted in order to directly or indirectly receive or retain funds provided in whole or in part by such Secretary pursuant to such grant, contract, or other agreement”;
  3. “knowingly makes, uses, or causes to be made or used, a false record or statement material to a false or fraudulent specified claim under such grant, contract, or other agreement”;
  4. “knowingly makes, uses, or causes to be made or used, a false record or statement material to an obligation… to pay or transmit funds or property to such Secretary… or knowingly conceals or knowingly and improperly avoids or decreases an obligation to pay or transmit funds or property to such Secretary with respect to such grant, contract, or other agreement”; or
  5. “fails to grant timely access, upon reasonable request” to HHS-OIG personnel “for the purpose of audits, investigations, evaluations, or other [HHS-OIG] statutory functions” related to HHS “grants, contracts, or other agreements.”

The Proposed Rule broadly defines “recipient” to include “all persons (excluding program beneficiaries [ ] directly or indirectly receiving money or property under a ‎grant, contract, or other agreement funded in whole or in part by the Secretary, including subrecipients and subcontractors.” Thus, downstream entities that receive funds directly or indirectly could face CMP exposure.

The Proposed Rule provides that penalties for violations would range from $10,000 to $50,000 per offense, but HHS-OIG may impose an assessment of not more than three times the amount involved with the improper conduct in certain instances. Sanctioned individuals and entities would have appeal rights flowing from the imposed penalty.

As noted in our prior alert, we anticipate that HHS-OIG will investigate the disbursement and utilization of funding related to the COVID-19 pandemic. Accordingly, recipients must take caution when electing to accept federal funding under the CARES Act, and ensure that they comply with the Terms and Conditions associated with accepting the funds. Likewise, subrecipients of these funds must be wary of whether the recipient is compliant with the grant requirements to thwart downstream liability.

Information Blocking

The Proposed Rule adds authority for HHS OIG to penalize individuals and entities for information blocking. The proposed rule would not impose new information blocking requirements. Instead, HHS-OIG proposes incorporating regulations recently published by the Office of the National Coordinator for Health Information Technology (ONC) as the basis for enforcing information blocking CMPs. Information blocking is defined as:

Any practice that is likely to interfere with, prevent, or materially discourage ‎access, exchange, or use of electronic health information if this practice is ‎conducted by a developer of certified health information technology (health IT), ‎an entity offering certified health IT, a health information exchange, or a health ‎information network, and the developer of certified health IT, entity offering ‎certified health IT, health information exchange, or health information network ‎knows or should know that this practice is likely to interfere with, prevent, or ‎materially discourage the access, exchange, or use of electronic health ‎information.

In the Proposed Rule, HHS-OIG provides examples for how it would determine single or multiple violations of the information blocking provision for individuals and entities subject to HHS-OIG’s CMPs, such as health information technology developers. Additionally, HHS-OIG explains that information blocking determinations require determining if actors had the right level of intent. The Proposed Rule also highlights expected priorities for enforcement actions. Those priorities would include investigating conduct that resulted in, is causing or has the potential to cause patient harm; significantly impacted a provider’s ability to care for patients; was of long duration; caused financial loss to Federal health care programs or other government or private entities; or was performed with actual knowledge.

The Proposed Rule also seeks to codify the maximum penalty OIG can impose for information blocking ‎violations as $1,000,000 per violation.  A violation is defined as each practice that constitutes ‎information blocking.  However, the OIG is seeking comments on the definition of “violation.”

Increases to Certain CMPs

The Proposed Rule also seeks to increase the amounts of CMPs under the Bipartisan Budget Act of 2018. The proposed penalties would increase the maximum CMPs for (i) improperly filed claims for items and services under a Federal health care program (from $10,000 to $20,000, from $15,000 to $30,000, and from $50,000 to $100,000, depending on the offense) and (ii) payments to induce a reduction or limitation of services (from $2,000 to $5,000 and from $5,000 to $10,000, depending on the offense).

Comment submissions on this Proposed Rule will be open until June 23, 2020, although HHS-OIG is monitoring requests to extend that period in light the COVID-19 public health emergency.

For more information about this Proposed Rule, please contact Kevin Coy or Kara G. Silverman.