Health Law Alert: CMS Publishes Updated Stark Law Self-Referral Disclosure Protocol Against Backdrop of Significant Increase in Scope of False Claims Act Penalties
In late March, the Centers for Medicare and Medicaid Services (CMS) issued a new Stark Law Self-Referral Disclosure Protocol (SRDP). Originally enacted as part of the Affordable Care Act, the SRDP was created as a tool for health providers to self-disclose violations of the Stark Law that did not rise to the level of necessitating the disclosure of an Anti-kickback Statute violation under the separate Office of Inspector General Self-Disclosure Protocol. The updated SRDP creates a new standardized format for providers to self-disclose violations of the Stark Law.
The publication of the updated SRDP occurs against the backdrop of significant increases in the scope of penalties under the federal False Claims Act (FCA) going into effect. Per-claim fines under the FCA now range from a minimum of $10,957 to a maximum of $21,916 for every claim submitted in violation of the law, an increase that essentially amounts to almost a doubling of the per-claim fines previously in effect. This is in addition to the treble damages that are also available under the FCA. Meanwhile, the regulatory requirement to report and return “overpayments” within 60 days of identification (with the failure to do so actionable under the FCA) has been in effect for over a year. All of this raises the stakes for providers to act quickly upon discovery of potential Stark Law violations.
Updated SRDP Requirements: A Little of the Good, A Little of the Bad
The Stark Law prohibits physicians from referring Medicare beneficiaries for the provision of certain designated health services to entities with which the referring physician has a financial relationship unless an exception applies. There is no intent element to the Stark Law, which means that if the law is triggered and an exception is not met, a violation has occurred. The SRDP is the tool providers can use to self-report violations, hopefully placing themselves in a position where they incur smaller penalties than they would if the matter came up as part of an action under the FCA.
The previous version of the SRDP did not require a particular form, just a requirement that disclosing parties address certain elements in their submission as a condition of CMS’s acceptance of that submission. The updated SRDP requires the use of a new form that consists of four separate components:
- The SRDP Disclosure Form (seeking information about the entity making the disclosure, its history of noncompliance and the “pervasiveness” of noncompliance);
- The Physician Information Form(s) for each physician included in the disclosure. This asks for details about the physician(s) at issue, including what type of financial relationship they have and details about the specific ownership or compensation arrangement. Note that CMS requires a separate Physician Information Form for each physician;
- The Financial Analysis Worksheet, which must be submitted in Excel-compatible format and include certain information quantifying the potential overpayment for each physician going back over the 6-year look back period in effect under the SRDP; and
- A certification by the disclosing entity to the truthfulness of the information disclosed.
All of these items must be provided for the submission to be considered complete. Parties are also permitted to include an optional cover letter with their submission if they so choose.
The updated SRDP differs from the prior version in a number of ways, including the following:
- The revised SRDP cuts back on some of the information that needed to be provided under the previous version. Disclosing parties are no longer required to submit a description and evaluation of their compliance program or the actual amount of remuneration that flowed to the referring physicians.
- The updated SRDP requires parties to provide information about the “pervasiveness” of the noncompliance. CMS’s instructions make clear that the intent is for the disclosing party to explain how “common or frequent” the noncompliance is, in comparison to similar financial relationships between the disclosing party and physicians.
- The new SRDP includes guidance and examples that might be helpful in interpreting how to disclose complex issues, such as arrangements that implicate the Stark Law’s “stand in the shoes” requirements and self-disclosures that occur in the context of physician “group practices.”
- The new SRDP employs a “check-the-box” function intended to help providers quickly identify whether common elements of exceptions are met, such as whether compensation “takes into account the volume or value of referrals or other business generated.” Parties are still required to provide narrative descriptions of noncompliance, however.
- As noted above, the updated SRDP employs a six-year lookback period for violations. This period runs from the date that the disclosing entity “identified” the overpayment. CMS cites to the definition of “identified” used in the 60-day overpayment regulation, which is the date a person “has, or should have through the exercise of reasonable diligence, determined that the person has received an overpayment and quantified the amount of the overpayment.” CMS also gives example of how this date would be determined.
Use of the new form is mandatory effective June 1, 2017, although parties are permitted to start using the new SRDP now.
Increase in Scope of FCA Penalties Raises the Stakes on Noncompliance
Importantly, in February 2017 the U.S. Department of Justice announced an increase in the per-claim range of penalties under the FCA. FCA defendants are now subject to fines ranging from $10,957 to $21,916 for every claim submitted in violation of the law. In addition, the per-claim FCA penalties will continue to change each year to reflect changes in the inflation rate. The reason for the increase is that FCA penalties have not gone up in amount since 1999. Legislation passed in 2015 attempted to correct this through a “catch up” adjustment.
Updates on the Stark Law and False Claims Act enforcement will be part of Gray Plant Mooty’s 21st annual Health Law Conference, to be held on Thursday, July 20, 2017. Look for information about registration coming soon!
If you have questions about the SRDP or FCA enforcement, please contact Jesse Berg at Jesse.Berg@lathropgpm.com or 612-632-3374 or Catie Bitzan Amundsen at Catherine.Amundsen@lathropgpm.com or 612-632-3277.