Do Tell! Encourage Internal Reporting of Compliance Issues
Promote a compliant environment within your organization, before the whistle is blown.
The most notable Medicare fraud cases in the last five years have been whistleblower cases in which someone with inside knowledge of a health system or physician practice (usually an employed physician or administrator) files suit against the employer under the federal False Claims Act. There are things you can do in your practice right now to prevent becoming the next whistleblower case defendant.
How Whistleblowing Has Grown
Essentially, a whistleblower files a case on the government’s behalf, claiming fraud against the government. The plaintiff “blows the whistle” on activities considered inappropriate under federal healthcare laws. The U.S. attorney for the district in which the case was filed can choose to intervene in the case. The case remains secret, or “under seal,” for at least 60 days; although, extensions are granted for much longer periods while the government investigates and decides whether to intervene.
Whistleblowers are incentivized to file because they receive a portion of the settlement or judgment amount — often as much as 25 percent of what the government recovers — if the government intervenes. If the government does not intervene, the whistleblower can continue the case and is entitled to 25 to 30 percent of the recovery.
These cases — also called qui tam cases — deal mostly with Medicare billing fraud (e.g., upcoding, double billing, and similar bad acts). Of late, more cases have involved physician compensation. These usually allege that a system is paying employed or contracted physicians too much money, with the “too much” part alleged to be kickbacks for referrals of ancillary services.
According to the Nolan Auerbach law firm, since 1986 there have been 5,279 healthcare whistleblower actions filed, with awards totaling $3.2 billion. Thirty-eight percent of those actions were filed in just the past five years (an average of 399 a year), along with nearly half of the total awards paid.
Internal Reporting Provides a Solution
With whistleblower activities rampant, the key to not becoming the next whistleblower case defendant is making sure the accusing employee visits your office to make a complaint, rather than the office of a whistleblower attorney.
How do you promote internal reporting?
Knowledge. Show employees that you have your legal ducks in a row. Implement a compliance program and train employees on legal issues. Bring in outside counsel. Create a high standard of legal knowledge for your organization to use.
Culture. Empower those in charge of compliance to keep current on legal issues. Create a culture in which conversations about compliance issues are encouraged, not shunned. Communicate clear lines for reporting concerns. Have regular compliance training and messages.
Organizations also may be able to contractually require employees to report concerns internally before blowing the whistle to the government.
A 2013 case in the Northern District of Illinois gives some legal credence to employers’ requests that employees sign statements requiring them to report internal compliance concerns before disclosing them. In U.S. v. AARS Forever, Inc., and THH Acquisition LLC 1 a motion to dismiss was put before the court. Two employees of the healthcare company had signed an “Employee Confidentiality, Non-Compete and HIPAA Agreement.” It covered the usual confidentiality terms: “I will not copy, reproduce, or take with me the original or any copies of said Confidentiality Information, and I will not disclose any of said Confidential Information to anyone.” This is an attempt to prohibit whistleblower actions. To further prevent it, the agreement required the employees to turn over any whistleblower rewards to the company:
I agree that I cannot receive any monetary reimbursement for involvement or assistance in a Qui Tam or Whistleblower action against the Company. If I am awarded such directly or indirectly, I will immediately disclose it to the Company and turn it over to the Company immediately. Furthermore, I agree that I am in violation of this agreement if I release company information that reveals suspect practices or investigations or if I use knowledge of such information to harm the Company reputation…. I agree that the company cannot be responsible for suspect practices that it would otherwise be unaware if not made specifically aware of them by staff. I agree to notify the Company in writing immediately if I suspect practices that may be of concern.
The whistleblowers also signed a company form attesting they were unaware of any suspect business practices, and agreeing that the employer can’t be responsible for suspect business practices of which it’s not informed.
Despite signing these forms, the whistleblowers never reported any suspect Medicare billing fraud activities to the employer. In response to the whistleblower lawsuit, the employer counterclaimed, alleging breach of contract. The employer argued that the employees had agreed contractually not to file whistleblower claims. The employer sought indemnification and damages for the breach.
The whistleblowers responded by asking for a motion to dismiss based on only the pleadings, saying that agreements like those quoted above are against public policy and are not enforceable. They argued that “the detection and exposure of potential fraud against the United States” is important, and that allowing these types of agreements to be enforced “thwarts that interest by chilling would-be [whistleblowers] from coming forward with evidence of fraud, thereby hindering investigations.”
The judge cited precedent allowing previous employers to sue whistleblowers, “where the conduct at issue is distinct from the conduct underlying the” whistleblower case, as well as in situations of libel, defamation, malicious prosecution and abuse of process by the employees. Because the employer “pleaded facts that place their counterclaims comfortably in at least one of the two categories, the counterclaims cannot be dismissed on the pleadings as contrary to public policy.”
Require Reporting as Part of a
Comprehensive Compliance Program
Put simply, the court decision shows it may be worthwhile for employers to require employees to sign agreements like those described above. I’ve created similar contracts for healthcare provider clients to implement as part of their comprehensive compliance programs. I usually include internal reporting mandate provisions within a confidentiality and security attestation document.
The employee acknowledges they are bound to keep company financial practices secret, as well as required to report concerns to the employer before reporting them to others. The burden is contractually on the employee to report internally. Failing to do so constitutes a breach of contract, which at least one court has said is different enough from a whistleblower suit that it agrees with public policy.
Mandating this contract in isolation, however, is not advisable. It should be part of a robust compliance program, in which employees are taught to detect and prevent legal improprieties. The idea is that a company can’t fix compliance problems that it doesn’t know about, and a good way for a company to know about the issues is to require employees to disclose them.
A good compliance program is based on the Office of Inspector General’s seven pillars of an effective compliance program:
- Designating a Compliance Officer
- Implementing Compliance Practice Standards
- Conducting Internal Monitoring and Auditing
- Conducting Appropriate Education and Training
- Responding Appropriately to Detected Offenses and Developing Corrective Action
- Developing Open Lines of Communication
- Enforcing Disciplinary Standards Through Well-publicized Guidelines
Implementing mandatory reporting requirements promotes pillar number five, and supplements regular monitoring and auditing in pillar four.
Contracts with employees to mandate internal reporting are a bit like nuclear weapons: No one ever wants to use them, but they send a message of strength and promote discussions about issues and conflicts.
- Do Tell! Encourage Internal Reporting of Compliance Issues - January 1, 2017
- Avoid Being the Next Kickback and False Claims Defendant - November 15, 2016