Civil Monetary Penalties Law: Provider-based billing settlements and increased penalties


On February 20, 2018, the U.S. Department of Health & Human Services Office of Inspector General (“OIG”) announced a settlement with a North Carolina hospital concerning allegations that the hospital had violated the Civil Monetary Penalties Law (“CMP Law”). Specifically, the OIG contended that Scotland Memorial Hospital had improperly submitted claims for sleep diagnostic and treatment services provided at Scotland Sleep Center by a management company contracted with the hospital. The OIG further alleged that the submitted claims did not meet applicable providerbased billing requirements, thereby causing Medicare and TRICARE to overpay the hospital. As a result of the settlement, which followed the hospital’s voluntary self-disclosure of conduct to the OIG, Scotland Memorial Hospital agreed to pay $252,455.56.

There are significant financial incentives, such as higher reimbursement rates, for hospitals to treat certain inpatient or outpatient areas or operations as “providerbased” facilities or organizations of the hospital rather than as freestanding locations. Given these advantages, provider-based facilities or organizations have come under scrutiny in recent years. In its Work Plan for 2017, the OIG announced its intention to “review and compare Medicare payments for physician office visits in provider-based clinics and freestanding clinics to determine the difference in payments made to the clinics for similar procedures.” In addition, the OIG stated that it will “assess the potential impact on Medicare and beneficiaries of hospitals’ claiming provider-based status for such facilities.” The OIG is expected to complete its review and issue its report during fiscal year 2018.

In this environment of heightened scrutiny, Scotland Memorial Hospital is not the first hospital to settle with the OIG over allegations of improper provider-based billings. In 2013, a California hospital agreed to pay $10,000 to settle allegations that it had violated the CMP Law in part due to the submission of claims when it had failed to comply with the federal regulations for provider-based status. Two years later, an Indiana health care provider agreed to pay $5,840,322.54 after the OIG alleged that it had “submitted claims to Medicare and Medicaid that were false or fraudulent because [the provider] maintained a relationship with behavioral health services providers that did not meet applicable provider-based requirements.”

Oftentimes, enforcement actions concerning alleged provider-based billing improprieties are due to non-compliance with criteria with which a hospital must comply but that are in addition to the general requirements necessary for any facility or organization to have provider-based status. In particular, for provider-based facilities or organizations that are not located on the campus of the hospital and are operated pursuant to a management contract, the federal regulations impose the following additional requirements that must be satisfied in order for the facility or organization to receive provider-based status: (i) the hospital (or an organization, other than the management company, that also employs the staff of the hospital) must employ the staff, excluding management staff or staff who furnish patient care services that are payable by Medicare pursuant to certain fee schedules, of the provider-based facility or organization who are directly involved in the delivery of patient care; (ii) the administrative functions of the provider-based facility or organization must be integrated with those of the hospital; (iii) the hospital must have significant control over the operations of the provider-based facility or organization and (iv) the hospital itself must hold the management contract. Failure to meet all of these requirements may result in the submission of improper claims to the federal health care programs.

The financial risks associated with noncompliance with provider-based billing requirements have increased with the passage of the Bipartisan Budget Act of 2018 (“BBA”), which was signed into law on February 9, 2018, and become effective the same day. The BBA significantly increased existing civil and criminal penalties for various fraud and abuse actions affecting federal health care programs. Many civil monetary penalties, including those assessed for the failure to report and refund overpayments or for false or fraudulent claims, doubled. Criminal fines for various health care fraud and abuse actions, including violations of the federal Anti-Kickback Statute, similarly doubled or, in some cases, quadrupled. Lastly, the BBA increased the maximum sentences for felonies relating to federal health care program fraud and abuse, including violations of the federal Anti-Kickback Statute, from five years to ten years.

In light of the consequences for noncompliance, hospitals should view Scotland Memorial Hospital’s settlement with the OIG as well as the significant increases by Congress of the civil and criminal penalties relating to federal health care fraud and abuse actions as a reminder to routinely review their third-party contracts and billing practices concerning its providerbased facilities or organizations in order to ensure that management and billing personnel are familiar with, and abide by, applicable payor coverage requirements.