It is amusing to listen to companies complain about the burdens of anti-corruption compliance.  It is hard to sympathize when you consider the burdens on other industries, particularly the health care industry.  If the Chamber of Commerce only knew how burdensome and difficult health care regulations can be, they would quickly drop the FCPA ball and sing a new tune for health care reform — or have we seen that television show already?

The Physician Payments Sunshine Act will require companies to record any physician payments or benefits and to annually report this information to the Secretary of Health and Human Services (HHS). While the final rules will be released later in 2012, companies will have to start collecting data beginning in 2013.  For compliance officers, this new requirement is sure to be a nightmare, especially given the fact that most companies use different data systems to collect health care provider payments and benefits.  Companies usually rely on enterprise systems for some of the larger expenses to physicians such as research grants, consulting, and other fees.  Small expenses such as incidental meals are usually recorded in a different expense system.

The new sunshine law was the result of compromise in the health care reform bill.  On the one side, the government and many interested politicians on Capitol Hill believe that drug and device companies are flouting anti-kickback laws by enriching physicians and creating detrimental conflicts of interest.  Initially, Congress and HHS wanted a more stringent regulation of such payments to health care providers.

The compromise solution was disclosure – sunshine is supposed to act as a disinfectant against unhealthy financial relationships between industry and physicians.  Unfortunately, policy makers failed to recognize that not all financial relationships are unhealthy – some in fact may be in the public interest.  As always, the question boils down to the costs of the new disclosure obligations, which seem very prohibitive, and the benefit of disclosure of all financial relationships.

For prosecutors, such information will be a gold mine of leads of potential anti-kickback violations.  While the industry is often complaining about the impact of massive off-label and fraud prosecutions, prosecutors will be able to take a lot of this data, cull it for suspicious relationships and then pursue possible anti-kickback violations with a vengeance.

Under the proposed rules, health care providers and hospitals will need to track all expenses across various divisions and functions.  The design of these payment collection systems will also have to address other legal requirements such as the FCPA. 

The report must include information about the amount of the payment, the date on which the payment was made, the form of payment, and the nature of the payment (e.g., gift, consulting fees, and entertainment). The PPSA also expressly excludes certain types of payments from its disclosure requirements.

Under the PPSA, manufacturers are not required to disclose information concerning the following types of payments or transfers:

  1. A transfer of anything the value of which is less than $10, unless the aggregate amount transferred to, requested by, or designated on behalf of the covered recipient by the applicable manufacturer during the calendar year exceeds $100, subject to increase each year using the consumer price index
  2. Product samples that are not intended to be sold and are intended for patient use
  3. Educational materials that directly benefit patients or are intended for patient use
  4. The loan of a medical device for a short-term trial period, not to exceed 90 days, to permit evaluation of the covered device by the covered recipient
  5. Items or services provided under a contractual warranty, including the replacement of a covered device, where the terms of the warranty are set forth in the purchase or lease agreement for the covered device
  6. A transfer of anything of value to a covered recipient when the covered recipient is a patient and not acting in the professional capacity of a covered recipient
  7. Discounts (including rebates)
  8. In-kind items used for the provision of charity care
  9. A dividend or other profit distribution from, or ownership or investment interest in, a publicly traded security and mutual fund
  10. In the case of an applicable manufacturer who offers a self-insured plan, payments for the provision of health care to employees under the plan
  11. In the case of a covered recipient who is a licensed non-medical professional, a transfer of anything of value to the covered recipient if the transfer is payment solely for the non-medical professional services of such licensed non-medical professional
  12. In the case of a covered recipient who is a physician, a transfer of anything of value to the covered recipient if the transfer is payment solely for the services of the covered recipient with respect to a civil or criminal action or an administrative proceeding

Companies will incur a monetary penalty of $1,000 – $10,000 for each payment not reported (not to exceed $150,000 annually). Intentionally failing to report will result in a penalty of $10,000-$100,000 for each payment (not to exceed $1,000,000 annually).

For global companies, data tracking requirements must also be addressed in international locations since foreign governments are quickly adopting similar rules and regulations requiring data collection.  These companies must also consider relevant data privacy laws and regulations. 

Companies need to update their business processes and systems to be able to aggregate all payments to health care providers.  The data needs to be validated, updated, and maintained.  Once the new processes are defined, a good solution is to provide regular compliance training for the entire organization so all employees are aware of the legal background, business drivers, and reasons for the additional processes and effort. These communications should come from the top down to communicate the importance of the initiative.