Corporate integrity agreements (CIAs) are a familiar feature of many civil False Claim Act and joint civil/criminal resolutions in healthcare fraud cases. These agreements are entered into between the defendant company and the United States Department of Health & Human Services, Office of Inspector General. Recently, these CIAs have an increased emphasis on the accountability of individuals — particularly officers and directors.
Expanded Board of Director Requirements
While board of director certifications on compliance matters are not new in CIAs, recent CIAs have expanded the scope of board oversight obligations. In September 2013, a CIA with the Hutchinson Regional Medical Center required its board to be responsible for: (a) meeting at least quarterly to review and oversee the center's compliance program, and (b) ensuring that the center adopts "a resolution, signed by each member of the Board summarizing its review and oversight of [the center's] compliance with Federal health care program requirements and the obligations of this CIA."1
In addition to expanding the board's role in overseeing compliance, CIAs are now imposing heightened certification requirements on boards. For example, in Hutchinson's CIA, the board is obliged to certify that it:
... has made a reasonable inquiry into the operations of Hutchinson Regional's Compliance Program including the performance of the Compliance Officer and the Compliance Committee. Based on its inquiry and review, the Board has concluded that, to the best of its knowledge, Hutchinson Regional has implemented an effective Compliance Program to meet Federal health care program requirements and the obligations of the CIA.
These new CIA obligations are transforming the board's CIA obligations from those that have been historically somewhat passive to affirmative obligations that require meetings, review and oversight, and then based a certification that the compliance program is effective and compliant on those affirmative acts. In large organizations where even the most rigorous compliance programs do not catch every violation, including egregious and/or serious ones, these are sobering obligations and certifications.
Expanded Management Certifications
In June 2012, HHS-OIG entered into a CIA with Orthofix, a global medical device manufacturer.2 That CIA broke new ground in terms of the scope and depth of the required management certifications. The management employees who were required to make a certification included the presidents and CFOs of the relevant business units; the CEO of the parent company; and "such other appropriate executives, vice-presidents, and directors, as would be necessary to ensure that there is a certifying officer or employee covering each [relevant] business unit, department or functional area."
The executives must certify that they have been trained on and understand the compliance requirements as they relate to the area under their supervision. Moreover, they must certify that their job responsibilities include ensuring compliance in their area and that to the best of their knowledge their area is in compliance with "all applicable Federal health care programs and FCA requirements, and the obligations of the CIA." Management certifications in the Orthofix CIA also include monitoring and oversight responsibilities.
Clearly, HHS-OIG believes that improving the incidence of compliance at these companies can be accomplished by expanding the number and type of managers who must make certifications, and expanding the scope of their certifications to include being trained on the rules, understanding them and stating that their jobs include ensuring compliance. Time will tell if this is an accurate assessment. However, it is immediately evident that these certifying managers are "on the record" in ways that look and feel more accountable than ever.
What Is Next?
In a relatively recent CIA with Abbott Laboratories, HHS-OIG required a term with respect to compensation of certain sales representatives, namely that there must be a policy designed to "exclude from incentive compensation sales that may indicate off-label promotion of Government Reimbursed Products ... ."3 Given the expansion of management certifications in recent CIAs, it may not be surprising to see the OIG make an effort to include provisions for management incentive compensation in the future.
Is Your Compliance Program Effective?
The trend toward enhanced certifications for management and boards must also be examined in light of the federal government's increased emphasis on holding individuals accountable in the criminal, civil and administrative context. It remains to be seen whether the Department of Justice will seek to leverage a certification that it views as false into a stand-alone criminal, civil or administrative action. However, whether part of a CIA, or ideally in an effort to avoid ever facing the specter of one, an effective compliance program is the best antidote to this type of government enforcement.
1 The Hutchinson Regional Medical Center's CIA is available on the HHS-OIG website. See https://oig.hhs.gov/compliance/corporate-integrity-agreements/cia-documents.asp#h
2 The Orthofix CIA is available on the HHS-OIG website. See http://oig.hhs.gov/fraud/cia/agreements/Orthofix_International_06062012.pdf
3 The Abbott CIA is available on the HHS-OIG website. See https://oig.hhs.gov/compliance/corporate-integrity-agreements/cia-documents.asp#a