January 18, 2024
On November 8, 2023, Thomas Tynan, the acting assistant chief of the Department of Justice’s Health Care Fraud Unit, announced in remarks to the Health Care Compliance Association that DOJ will increase its focus on investigating fraud related to Medicare Part C and COVID-19 testing scams. This announcement came on the heels of DOJ’s announcement the prior day that it planned to “substantially” add to its Health Care Fraud Unit, which is already comprised of over 80 prosecutors and dozens of investigators organized into Health Care Strike Forces. It appears DOJ means what it said: in November, DOJ filed a rare criminal indictment in the Southern District of Florida against Kenia Valle Boza arising from misrepresentations Boza made in relation to Medicare Part C. Then, in December, DOJ filed another criminal indictment in the Southern District of New York against Erin Foley and Ted Albin for fraudulent reimbursement and illegal kickbacks in connection with Medicare Part C.
These quick, successive actions from DOJ provide a glimpse into what clients can expect for 2024 when it comes to federal fraud investigations. And while the Valle Boza and Foley-Albin indictments were brought under federal wire fraud and healthcare fraud statutes, DOJ’s announcements and recent indictments also forecast heavier use of the False Claims Act (“FCA”) to investigate fraud relating to Medicare Part C and COVID-19 testing. This is because the FCA is the federal government’s primary tool for deterring fraud against the government, as well as recovering losses resulting from such fraud. As noted below, the FCA covers virtually any type of economic fraud against the federal government, making it an ideal starting point for enforcement agencies and private plaintiffs to investigate and potentially pursue allegations of fraud.
A. Overview of the False Claims Act
While the government most often pursues civil cases under the FCA, the FCA also provides for criminal prosecution when warranted. See 18 U.S.C. § 287. And while criminal FCA charges are relatively rare, the government often employs the criminal FCA in prosecuting medical personnel who commit some nature of healthcare fraud. In that vein, the Department of Health & Human Services’ enforcement division labels the FCA as one of the five most important fraud laws that apply to physicians.
In pertinent part, the civil FCA prohibits knowingly (i) presenting or causing to be presented a false or fraudulent claim for payment or approval; (ii) making or using a false record or statement material to a false or fraudulent claim; (iii) conspiring to violate the FCA; or (iv) avoiding or decreasing an obligation to transfer money or property to the government. See 31 U.S.C. § 3729(a)(1). The FCA imposes steep penalties—violating the FCA exposes a party to treble damages, which is 3 times the amount of damages the government sustains because of the violation, plus statutory damages and potentially pre- and post-judgment interest on the treble damages amount.
Particularly relevant in the interplay between the FCA and Medicare is the prohibition against entities keeping any overpayments made by the government. Under 42 C.F.R. § 422.326, if a Medicare Advantage organization identifies that it received an overpayment from Medicare, the organization must report and return the overpayment within 60 days of first identifying the overpayment. Failure to do so can trigger FCA liability for avoiding an obligation to transfer money to the government. For example, PruittHealth, Inc. agreed to pay $4.2 million to settle DOJ’s allegations that it wrongfully retained Medicare overpayments after learning of the overpayments.
While the statute gives federal prosecutors authority to bring civil and criminal enforcement actions, the FCA is primarily enforced through a unique public-private scheme where a private plaintiff (or “relator”) brings a civil qui tam action in the name of the federal government. The government either may intervene in the action, which gives the government control, or decline to intervene, which permits the relator to maintain control and continue the suit. In addition to their attorney’s fees, relators are entitled to 15-25% of the government’s recovery if the government intervenes or 25-30% if the government declines to intervene.
A cursory review of DOJ’s FCA-related press releases demonstrates the incentive that relators have to bring their whistleblower actions. For example, in 2022, DOJ recovered $260 million from Questcor Pharmaceuticals to resolve FCA allegations. A relator who initiated that suit could be entitled to $39-$65 million.
B. Medicare Part C and COVID-19 Testing Reimbursement
1. Medicare Part C
Medicare Part C, also known as Medicare Advantage, operates like private health insurance where the government shifts payment risk to private sector health plans (Medicare Advantage Plans or “MAPs”). Medicare beneficiaries can opt to enroll in a MAP, often at lower out of pocket costs than “traditional” Medicare Parts A and B. Enrollees in MAPs receive the traditional health benefits covered by Medicare Parts A and B, as well as additional benefits such as vision and dental insurance, hearing care, and prescription drug coverage. These additional benefits are structured to make such plans competitively attractive to potential enrollees choosing among MAPs and are not part of the basic coverages required by Medicare. Medicare prospectively pays MAPs a fixed, per-beneficiary amount (akin to a monthly premium) every month. To determine the amount it pays each MAP, Medicare requires MAPs to provide health information about their enrolled beneficiaries. Based on this health information, Medicare evaluates the plan’s actuarial risk, estimates the cost of care for each employee, and then pays the MAP based on that estimation. This process is called “risk adjustment.”
Because Medicare relies on the MAPs to provide accurate beneficiary health information, inaccuracies in a MAP’s reporting can cause overpayments. For example, if a MAP falsely overstates the severity/complexity of its beneficiaries’ health status, Medicare would likely rely on that reporting to adjust the company’s “risk” (i.e., expected healthcare expenditures) upward, resulting in Medicare paying more each month than what the MAP would otherwise be entitled to receive. This is what DOJ alleges Valle Boza did. Valle Boza was the Director of Medicare Risk Adjustment for HealthSun Health Plans, a company that contracted with Medicare to operate MAPs serving South Florida beneficiaries. DOJ alleged Valle Boza caused coders at Pasteur Health, a conglomerate of clinics that provided health care to HealthSun’s MAP beneficiaries, to enter false diagnosis codes into the medical records of HealthSun beneficiaries. Thus, when HealthSun sought payment under Medicare Part C based on its beneficiaries’ medical conditions, HealthSun requested and received higher risk-adjusted payments than what its beneficiaries actually entitled it to—$53 million to be exact. Notably, although pursuing relatively rare criminal charges against Valle Boza, DOJ declined to prosecute HealthSun. In declining to prosecute, DOJ cited HealthSun’s timely and voluntary self-disclosure of the fraud; its cooperation during the investigation; its timely and appropriate remediation, including improvement of its compliance program and internal controls; and, most notably, HealthSun’s agreement to repay the $53 million overpaid by Medicare.
HealthSun’s $53 million repayment illustrates the staggering FCA recoveries that may result from Medicare Part C investigations, due to the magnitude of payments flowing into MAPs, and the importance of having effective compliance programs and internal controls to avoid being implicated in a fraudster’s conduct.
2. COVID-19 Testing
Similarly, the government’s unrestrained reimbursement of clinical laboratories for COVID-19 testing services left the government vulnerable to overpayment as a result of false claims. A primary example of COVID-19-testing fraud is a healthcare provider ordering and a clinical laboratory performing additional, medically unnecessary tests alongside COVID-19 tests. Depending upon how the testing services were configured, the provider or the laboratory then submits a claim for both the COVID-19 test and the additional tests. Allegations of this nature are what VitalAxis, Inc. paid over $300,000 to resolve in June 2023. The government alleged VitalAxis used one physician’s name and another physician’s Medicare billing number to bill the government for respiratory pathogen tests given alongside COVID-19 tests, despite neither physician having ordered the respiratory pathogen tests.
Another example is a provider double-billing for the COVID-19 tests it offers, receiving reimbursement from both a local or state government and the federal government. United Memorial Medical Center LLC paid $2 million to settle allegations of this nature in December 2023. Yet another variant of health care fraud linked to COVID-19 testing was the outright fabrication of test results, which led to a $26.5 million settlement by Sameday Health in Venice, California in 2022.
In sum, although healthcare has been a hotspot for DOJ investigations prompted by FCA whistleblower actions over the past few years, healthcare companies should be prepared to deal with increased federal investigative activity in 2024, particularly MAPs that receive payments under Medicare Part C or labs that received reimbursement related to COVID-19 testing. Such companies should ensure their compliance programs are adequately staffed, trained, and empowered to combat fraud. Compliance programs that receive internal reports of potentially fraudulent claims must act with haste through competent legal counsel to investigate and, if necessary, self-disclose problematic claims to head off potential whistleblower actions. And they should, again with the advice of counsel, revisit their corporate compliance and ethics policies to confirm the policies are up to date and facilitate the broadest protection possible.
* * *
Hunton Andrews Kurth’s lawyers have years of experience in assisting clients in instances of self-disclosure and negotiating settlements to mitigate risks of whistleblower actions, and are thus equipped to assist clients in reviewing their compliance policies, defending against FCA investigations, and negotiating with federal and state enforcement agencies.