The U.S. Department of Health and Human Services Office of Inspector General (OIG) Provider Self-Disclosure Protocol (SDP) provides a well-established and important avenue for all health care entities subject to OIG's CMP authorities to proactively address and resolve fraud and abuse concerns. Utilizing the SDP can help mitigate potential penalties, promote transparency, and demonstrate an organization's strong commitment to compliance and ethical conduct.
The OIG maintains a list of self-disclosure settlement summaries that offers valuable insight into the types of issues most frequently identified and resolved through the SDP. A review of these settlements reveals several recurring themes, including:
- Employment or engagement of an excluded individual or entity
- Billing for services not covered or not actually rendered
- Upcoding or duplicate billing
- Improper arrangements under Federal fraud and abuse laws, namely the anti-kickback statute (e.g., referral-based compensation or ownership and investment interests, service or leasing arrangements that are not fair market value, gifts and other free items or services to referral sources or beneficiaries)
- Insufficient medical necessity documentation
- Services by non-enrolled or uncredentialed providers
- Cost report inaccuracies or misclassifications
- Improper use of provider numbers or reassignment of benefits
Effective compliance monitoring and auditing enable organizations to identify potential issues before they escalate or surface through government investigations or whistleblower complaints. Once an issue is identified, the critical question becomes how best to resolve it – often a decision involving repayment to a payor or disclosure to OIG. This determination is highly fact-specific and depends on factors such as knowledge and intent, the duration and pattern of conduct, leadership involvement, financial impact, and the entity's overall level of risk tolerance.
Early detection – allowing time to evaluate and determine an appropriate course of action – underscores the value of proactive compliance functions in mitigating risk and litigation exposure while reinforcing organizational integrity. One of the most effective steps an entity can take to achieve these outcomes is to conduct regular compliance program effectiveness reviews. Having a corporate compliance program is not enough. It must be comprehensive and effective. These reviews help ensure that compliance structures, reporting systems, and internal controls are functioning as intended and identify potential concerns, as well as opportunities for improvement in light of evolving governmental (including but not limited to OIG and CMS) guidance, business practices, and enforcement trends.
Key Takeaways
- When conduct implicates fraud and abuse laws, the OIG SDP provides a structured and transparent mechanism for resolution.
- Early identification of potential issues supports informed decisions about whether repayment or disclosure is appropriate.
- Regular compliance program effectiveness reviews help ensure that compliance infrastructures evolve in step with current government guidance.
