Cloudy Skies Ahead for Providers? CMS’ Release of Medicare Billing Data Combined with Physician Payment Sunshine Act Data May Boost Fraud Litigation

by Sheppard Mullin Richter & Hampton LLP

In February 2013, we reported (on our Healthcare Law Blog) that the Centers for Medicare and Medicaid Services (CMS) announced the final rule for the Physician Payments Sunshine Act.  In the interest of providing more transparency for patients, the final rule requires pharmaceutical and medical device manufacturers and group purchasing organizations to report payments or transfers of value provided to physicians or teaching hospitals and to report physician ownership and investment interests.  The April 2014 deadline for submission of aggregate data and the May 2014 deadline for the submission of detailed data have now passed.  CMS has already established a website to display that data beginning in September 2014.  In the meantime, also in the interest of transparency, on April 9, 2014 CMS touted the “historic” release of data showing utilization, payments, and submitted charges for services and procedures provided by physicians and other health care professionals to Medicare beneficiaries.  As claimed by CMS, this data covers “880,000 distinct health care providers who collectively received $77 billion in Medicare payments in 2012, under the Medicare Part B Fee-For-Service program” and will enable “a wide range of analyses that compare 6,000 different types of services and procedures provided, as well as payments received by individual health care providers.”  (See press release.  The data is available here.)  The consequences of such unprecedented releases of payment/investment interest and Medicare billing data are significant.

While Medicare billing data has always been available to the Government, Sunshine Act data has not been previously available on this scale.  According to CMS, compliance with the Act’s reporting requirements does not preclude liability under statutes such as the Anti-kickback Act (41 U.S.C. §51 et seq.).  Federal and state prosecutors have already indicated that Sunshine Act reports are a potential source of data for new False Claims Act (FCA) investigations.  Moreover, the data could support an inference of off-label marketing if, for example, a pharmaceutical manufacturer makes payments to physicians in unexpected specialties.

Perhaps of more concern is how the qui tam plaintiffs’ bar will react.  For fiscal years 2009 – 2013, the DOJ used the FCA to recover $12.1 billion in federal health care dollars, and the vast majority came from qui tam cases.  (See here.)  Certainly, Sunshine Act and Medicare billing data can be used to corroborate or lend credibility to allegations made by clients, and therefore be considered when undertaking representation in the first place.  The data can also serve to provide the claims detail necessary to satisfy Rule 9(b) of the Federal Rules of Civil Procedure.  But the data can also be used to generate new allegations in search of a client.  Savvy qui tam counsel can be expected to engage in “data mining” to find suspicious activity and then identify potential insiders who can serve as relators.  This approach has the potential to overcome the FCA’s public disclosure bar.  Actions brought by qui tam plaintiffs, but not the Government, can be dismissed if “substantially the same allegations or transactions” are in the public domain, i.e., “publicly disclosed” in a “Federal criminal, civil, or administrative hearing,” in a “congressional, Government Accountability Office, or other Federal report, hearing, audit, or investigation,” or from “the news media,” “unless … the person bringing the action is an original source of the information.”  (31 U.S.C. §3730(e)(4)(A) & (B), as amended by the Affordable Care Act.)  Although the specific issue of whether data released on the CMS website constitutes a “public disclosure” under the FCA has not yet been litigated, there is a reasonable likelihood that it will be considered as such.  Under the prior version of the FCA, “[c]ourts have … broadly construed the term ‘administrative reports’ to include publicly-searchable databases.”  (U.S. ex rel. Doe v. Staples, Inc., 932 F. Supp.2d 34, 40 (D.D.C. 2013), citing U.S. ex rel. Rosner v. WB/Stellar IP Owner, L.L.C., 739 F. Supp.2d 396, 407 (S.D.N.Y. 2010) (holding that public database on city agency’s website was “an administrative report” subject to FCA’s public disclosure bar); see also Schindler Elevator Corp. v. U.S. ex rel. Kirk, — U. S. –, 131 S. Ct. 1885 (2011) (federal agency’s written response to FOIA request for records constitutes a “report” within meaning of FCA’s public disclosure bar).)  To qualify as an “original source,” an individual must have either “prior to a public disclosure … voluntarily disclosed to the Government the information” or have “knowledge that is independent of and materially adds to the publicly disclosed allegations or transactions, and … voluntarily provided the information to the Government before filing an action.”  (31 U.S.C. §3730(e)(4)(C).)  Insiders should be in a position to provide non-public information that “materially adds” to Sunshine Act or Medicare billing data available on the CMS website, such as internal emails and memos, and thus qualify as original sources under the second prong.

In sum, the release of Sunshine Act and Medicare billing data is likely to increase Government investigations and generally benefit qui tam plaintiffs.  Thus, in anticipation of the release of Sunshine Act data in September 2014 and given the release of Medicare billing data for 2012—which could continue in future years—now is a good time for prudent health care professionals to go back and review compensation arrangements and billing records to ensure that there are no surprises.  And if any irregularities are found, being ahead of the curve provides more options, including potentially seeking entry into the OIG’s voluntary disclosure programs.

Fasten your seatbelts.  We are in for a bumpy year.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sheppard Mullin Richter & Hampton LLP | Attorney Advertising

Written by:

Sheppard Mullin Richter & Hampton LLP

Sheppard Mullin Richter & Hampton LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.