Health care fraud continues to be a top enforcement priority for U.S. prosecutors, and nowhere is this more true than for the medical technology sector. From 2014-2019, the U.S. Department of Justice (DOJ) brought enforcement actions against 67 medtech companies. These actions, which included allegations of kickbacks, unlawful promotional practices, and manufacturing and product quality violations, resulted in criminal and civil fines and penalties totaling more than $1.9 billion. As federal spending on health care increases markedly in response to the COVID-19 pandemic, including a sharp uptick in spending on medical devices and diagnostic and laboratory tests, companies in this space should continue to expect close scrutiny from federal prosecutors, particularly where conduct poses a risk to patient health and safety. Corporate compliance programs — updated and adapted to address current and emerging risk areas — will be essential in mitigating potential actions.
The Years in Numbers: Settlement Statistics
Medtech enforcement activity remained steady throughout the past six years, with a high of 14 settlements in both 2016 and 2019 and a low of eight settlements in 2017. Collectively, the 67 settlements between 2014 and 2019 resulted in more than $1.9 billion in fines, penalties and forfeiture, with $1,425,000,000 in civil damages and penalties and the remaining $525,000,000 in criminal fines and forfeiture.
Number of Criminal and Civil Settlements per Year
The value of settlements ranged widely over the six years studied. Nine settlements were valued at $1 million and below, 31 were between $1 million and $10 million, and 30 settlements were between $10 million and $100 million. Three settlements — one of which involved a skin graft company purchased by Shire Pharmaceuticals — were valued at over $100 million.1 The $350 million Shire case remains the largest False Claims Act recovery by the United States in a kickback case involving a medical device company.
Settlement Value ($MM) per Year
Kickbacks, Unlawful Promotion and Quality Issues Account for Most Medical Technology Cases
Year after year, the DOJ’s dominant enforcement focus remains kickbacks and inducements. Over the past six years, 49% of settlements cited kickbacks and inducements as the alleged misconduct. The second most common allegation — used in 27% of settlements — involved improper promotional practices. Quality or manufacturing issues accounted for 12% of settlements. A small but significant number of settlements fell into the “Other” category. These settlements included, for example, licensing violations and accounted for 12% of settlements.
Types of Misconduct (Total) by Volume
A. Kickbacks and Unlawful Inducements Are the Biggest Risk Area.
As noted, kickbacks and inducements were the most common charges against medtech companies, with 36 resolutions involving allegations of improper payments to prescribers, customers or others in a position to purchase, prescribe or recommend a company’s products. In particular, speaker programs and consulting payments received the closest scrutiny from the DOJ. To a smaller but still significant extent, the DOJ has taken active enforcement measures to address (i) gifts, (ii) manufacturers offering free or discounted practice development and market development support, (iii) improper payments to distributors, including pharmacies, and (iv) improper relationships with and donations to co-pay charitable foundations.
B. Promotional Practices Are the Second Most Common Risk Area.
Promotional misconduct remains an active area of scrutiny by the DOJ and ranks second in its targeting frequency. In particular, prosecutors have focused on conduct that is false and misleading or conduct that presents a substantial risk to patient health and safety. Over the six-year period examined, such behavior included (i) selling medical devices not approved or cleared by the U.S. Food and Drug Administration (FDA), (ii) promoting devices for unapproved uses or (iii) claiming a device produced certain results while lacking sufficient evidence to support the claim. The potential for consumer and patient harm in these cases seems to be the DOJ’s predominant consideration, as reflected in a press release statement that it “will not tolerate companies and individuals that cut corners when it comes to the public’s health.”2
C. Quality Issues Are Less Common — But Often Result in the Most Serious Charges.
Though the DOJ has taken fewer enforcement actions based upon quality and manufacturing violations, this area remains a subject of serious regulatory scrutiny. Of the nine settlements related to quality and manufacturing violations, four were solely civil settlements, three were solely criminal settlements and two involved both a criminal and civil agreement. In total, five of the nine quality and manufacturing settlements contained criminal agreements, reflecting a much higher ratio of criminal to noncriminal resolutions than in other areas. These numbers appear to reflect the government’s willingness to criminally prosecute quality and manufacturing violations, evidenced by a statement in a DOJ press release that the authority is “fully committed to aggressively pursuing those who jeopardize public health by subverting FDA’s regulatory requirements.”3 The resolved cases in this area have involved a variety of quality or manufacturing issues, including the (i) distribution of ultrasound gel contaminated with bacteria, (ii) distribution of contaminated drug delivery devices, (iii) manufacture of sterile solutions in nonsterile facilities, (iv) removal from the market of an adulterated product without notifying FDA and (v) distribution of faulty diagnostic testing devices.
D. Prosecutions of Individuals Remains the Exception, Not the Rule.
Guidance issued in September 2015 by then-Deputy Attorney General Sally Yates emphasizing the importance of individual prosecutions in deterring corporate misconduct4 increased long-standing concerns within companies regulated by the FDA that prosecutors would rely on the responsible corporate officer doctrine to bring criminal cases against individuals.5 Since then, DOJ prosecutors have pursued a significant number of criminal cases against employees and executives of life sciences companies. In 2014 and 2015 combined, the DOJ brought only three cases against individuals. That number increased to three actions against individuals in each of 2016 and 2017, while 2018 saw two individual enforcement actions, and 2019 saw four — the most in the six-year period. Collectively, the DOJ prosecuted 15 individuals in this examined six-year period, and in four actions, prosecutors cited the actual or potential harm to patients as a motivating factor in the enforcement action. Going forward, this focus on individual culpability is likely to continue, including in cases that result in significant patient harm.
Implications for Medical Technology Companies
Medtech companies will continue to be an enforcement priority for federal prosecutors for several reasons. First, federal spending on health technologies continues to increase, bringing with it increased federal oversight and enforcement scrutiny. Second, the most common commercial activities by medtech companies — speaker programs, consulting arrangements, and detailing and promotional activities — have inherent risks. Prosecutors know where and how to look for misconduct and which legal theories are most likely to be successful in those areas. Finally and perhaps most importantly, False Claims Act whistleblowers continue to be the most common trigger for DOJ scrutiny (given the DOJ’s statutory obligation to look into whistleblower complaints), and there is every reason to believe that whistleblower complaints will continue to be filed against medtech companies.
What can and should companies do in response? First, companies should review their compliance programs in light of the risk areas identified above, coupled with their own practices. Financial relationships with those who purchase, prescribe or recommend a company’s product inherently create risk. While compliance policies and training governing such relationships are necessary, companies should consider doing more. For example, prosecutors have access through Sunshine Act reports to detailed information about a company’s financial relationships with health care providers; companies therefore should review such reports for compliance red flags and tailor monitoring and auditing programs. Also, it is no longer sufficient to look solely at company relationships with speakers when assessing speaker program risks; rather, where attendees are provided meals or other things of value, speaker program controls should address program attendees to ensure they have a legitimate need for the information presented and are not “frequent flyers” at such events.
Compliance controls around manufacturing and quality are also essential. Companies should ensure that reporting mechanisms allow legal and compliance departments to have real-time visibility into problems that may pose patient health and safety risk. Companies also need to address and resolve critical monitoring or audit findings, as unaddressed audit findings can be powerful evidence for prosecutors in assessing corporate knowledge. The conventional wisdom that companies should have both a culture of compliance and the resources to operate an effective compliance program remains true. Such investments are important as U.S. prosecutors, aided by whistleblowers, continue to make medtech companies an enforcement priority.
1 See DOJ Press Release “Shire PLC Subsidiaries to Pay $350 Million to Settle False Claims Act Allegations,” Jan. 11, 2017.
2 See DOJ Press Release “OtisMed Corporation and Former CEO Plead Guilty to Distributing FDA-Rejected Cutting Guides for Knee Replacement Surgeries,” Dec. 8, 2014.
3 See DOJ Press Release “Olympus Medical Systems Corporation, Former Senior Executive Plead Guilty to Distributing Endoscopes After Failing to File FDA-Required Adverse Event Reports of Serious Infections,” Dec. 10, 2018.
4 See DOJ Memorandum by Sally Quillian Yates, “Individual Accountability for Corporate Wrongdoing,” Sept. 9, 2015.
5 See Jennifer Bragg, John Bentivoglio & Andrew Collins, Onus of Responsibility: The Changing Responsible Corporate Officer Doctrine, 65 Food & Drug L.J. 525, 533-536 (2010).