April 24, 2014
Whistleblower Suits: Emerging Risk on MSP
by Roy Franco
There is an emerging risk on Medicare Secondary Payer (MSP) compliance because of private citizens filing lawsuits.
There is an emerging area of risk associated with Medicare Secondary Payer 1 (MSP) compliance. Workers’ compensation, liability, and no-fault insurance, including self-insurance plans, are exposed to penalties and conditional payments, and there may be violations of the False Claims Act (31 U.S.C. §§3729 – 3733) (FCA) that could lead to fines plus treble damages.
The risk stems from lawsuits commonly known as qui tam actions that are being brought by private citizens known as relators, who are bringing these lawsuits. Relators could recover anywhere from 15% to 30% of the damages in the suits, plus attorney’s fees and costs.
The success of such lawsuits largely depends on whether the U.S. intervenes as plaintiff. Companies and insurance carriers that are responsible reporting entities (RREs) must exercise caution on what data on settlements, judgments, awards and other payments is sent to the U.S. and ensure the data is consistent with the Centers for Medicare & Medicaid Services (CMS) guidelines, policies and regulations. A solid reporting solution is a critical step for protection, but must also integrate business intelligence to eliminate the submission of false claims and allow the appropriate reporting of claims.
The FCA was enacted in 1863 by a Congress concerned over the quality of goods being supplied to the Union Army during the Civil War. Commonly referred to as “Lincoln’s Law,” the rule depended on the private citizen to help the government identify fraud against it. This private citizen, or relator, was rewarded if the government won a judgment. During World War II, the law changed and made it harder for private citizens to assist. When their incentive disappeared, the government’s ability to identify fraud slowed to a trickle even as government contracts surged because of the war. After decades of defense contractor abuse, President Reagan, working with a bipartisan Congress, changed the law in 1986. Fines rose from a minimum penalty of $2,000 to a range of $5,000 to $10,0002 per violation; recoverable damages went from double to treble; and, most importantly, private citizens again had incentives to coordinate with government to prosecute fraud.
Today, more than 80% of FCA actions are qui tam driven, and recoveries exceeded $4.9 billion in the fiscal year that ended Sept. 30, 2012. Such actions are predicted to increase into the foreseeable future.
A qui tam, or whistleblower, claim starts with an individual being aware of a possible fraud being perpetuated against the U.S. Typically, a whistleblower works for the organization that is alleged to be perpetuating the fraud, raises a concern and then suffers an adverse employment action for doing so. The results can be costly to the organization.
Consider a quality-control expert at Hunt Valve in Ohio3. Her company made valves for nuclear attack submarines and reactors. The valves were never inspected, and paperwork was fabricated. When she raised concerns, she was fired and forced to move out of town. The responsible parties, Northrup Grumman Newport News, General Dynamics Electric Boat and three other defendants, paid a $13.2 million settlement to the U.S.
Also consider a pharmacist who was treated similarly by his new employer, Omnicare4. He had previously owned a “mom and pop” drugstore outside of Chicago and was a seasoned pharmacist. He discovered widespread drug switching for profit, and, when he notified his bosses, he was fired and forced to work as a temp at other pharmacies that engaged in the same bad practices. He then brought an action and secured a $120 million settlement.
A third example is rare in that the relator was the CEO of a laboratory company5. He realized that a competitor was producing a particular testing product that was defective and caused dialysis patients to be overdosed with expensive and harmful drugs that Medicare paid for. He brought the test results to the competitor’s attention but was rebuffed. He filed under FCA and recovered $302 million for the government.
Certain private citizens are barred from being a relator. If someone was convicted of criminal conduct arising from his or her role, the citizen is not allowed to sue6. If another qui tam concerning the same conduct has already been filed, known as the first bar rule, no suit is allowed7. Where the government is already a party to a civil or administrative money proceeding concerning the same conduct, the action is also barred8. Finally, if the information was already disclosed to the public (and the relator is not the source), the matter is barred under the “public disclosure” rule9.
If allowed, a qui tam complaint is filed under seal for 60 days. During this period, the government is required to investigate the allegations to determine if it will intervene. The government can extend this period under seal if it needs further time to investigate, and typically does so. Sometimes, the government may take a year or more to decide. If the government does intervene, it has primary responsibility to prosecute and pay for it10. When the government declines to intervene, the relator can proceed on his or her own, paying the costs, and the seal is lifted. The cost to prosecute can be prohibitive, and many FCA actions fail if the government declines to intervene. However, the law does increase the relator’s share of the damages from a floor of 15% of the damages to a minimum of 25% as compensation for the additional risk.
To win, the relator must prove that the defendant’s conduct, or lack of conduct, meets one of the statutory requirements under 31 U.S.C. §3729(a). The areas where most of the conduct or lack of conduct fall are: 1) knowingly submitting a false claim or record to the government for payment11; 2) knowingly avoiding the submission of a claim or record to the government to avoid the payment of money to the government12; and 3) liability for those who conspire to violate the FCA13.
A prima facie case of prosecutable FCA conduct in any of the three areas would require the relator to establish: 1) the submission of a false claim/record, or avoiding the filing of a required claim/record to the government; and 2) knowledge of the falsity itself. 31 U.S.C. §3729(b)(1) sets forth how knowledge of the false information for the claim or record can be defined. It can be (1) actual knowledge; (2) deliberate ignorance of the truth or falsity of the information; or (3) reckless disregard of the truth or falsity of the information. The fact finder will require concrete evidence to uphold the FCA violation. The relator will also be focused on the applicable regulations, rules and policy memoranda from the government.
After 1986, contractors for the Department of Defense were the primary focus of the government concerning FCA because of unbridled fraud. When the law changed, both government and private citizens unleashed prosecutions against contractors such as United Technologies ($150 million), Boeing ($75 million), Teledyne ($85 million) and Litton ($82 million). As lawsuits were filed, and the substantial recoveries publicized, the industry responded with increased compliance and vigilance to the point that FCA actions are rare in this area today.
Next FCA were lawsuits involving the big pharmaceutical companies. Glaxo Smith Kline paid $1.2 billion for the unlawful promotion of Paxill, Wellburtin, Advair, Lamictal and Zofran for uses not approved by the Food and Drug Administration. Johnson & Johnson paid $2.2 billion for similar off-label use promotion. These highly publicized settlements, and changes in how drug companies may interact with providers, has seen a tapering of such cases and left the FCA qui tam industry on the search for the next area of fraud, waste and abuse against the government.
One method to determine the next industry trend for FCA actions is to follow the focus of certain government enforcement agencies. The Office of Inspector General (OIG) is one such Agency to monitor enforcement actions. The OIG has focused recovery efforts on big pharmaceutical companies, and recent focus has been on Providers for Medicare & Medicaid items and services. FCAs have been equally as active against these Providers. As a result, the OIG had a particularly effective year in recovering over $4.3 billion in 2013 against Providers, returning $8 for every $1 spent by the Agency.
The OIG is also responsible for MSP compliance enforcement. An example of OIG activity is the recent settlement late last year by a Texas health system for $3.67 million14. In that situation, the Relator alleged that Baptist Health Care billed Medicare for items and services it provided to beneficiaries that were covered by other payers such as workers’ compensation, liability and no-fault insurance (Plans). Under MSP law Medicare is allowed to pay for such items and services, when no payment has been made, or payment is not reasonably expected to be made. If that is the situation then Medicare pays, but on the condition it be reimbursed for items and services if payment is ever made by the Plan. That is what happened here. The Plans made payment to the Provider, but no reimbursement occurred, and when the oversight was brought to the attention by the Relator, he was ignored. Correction to the Program was made, but past errors were not corrected. The Provider therefore recognized the falsity of its information, and easily satisfied the criteria for the Relator when it did not reimburse for historical errors after it was brought to their attention. The FCA community is therefore aware of MSP violations and how it can implicate the FCA.
An area that may be subject to FCA is the Medicare & Medicaid SCHIP Extension Act of 2007 (MMSEA). This law modified the MSP to require data reporting by RREs. To encourage participation, the government included a penalty provision for non-compliance of up to $1,000 per day, per claim for failure to report15. The OIG has adjusted its work plan for 2013 and 2014 to look at the MMSEA and the associated penalties that arise from non-reporting of data. OIG involvement typically precedes FCA qui tam actions. It is this area where the greatest potential for FCA actions are likely to begin to take root.
An example of a matter that nearly received government backing was the recent seal that was lifted on March 20, 2014 with respect to a U.S. District Court case filed in the Western District of New York. The government did not choose to intervene, and the Relator is a personal injury attorney who has filed against well over 50 insurance carriers and a few trucking companies that self-insure. The main cause of action alleged was that these companies shifted MSP risk to the United States government through the use of a general release16. Whether there will be success under the FCA remains to be seen as the root cause appears to be brought under a FCA conspiracy theory. The Relator will have to prove a false claim, or avoidance of filing a claim, knowledge thereof the falsity, and the impact to the government. It is unclear, based on present allegations, if the lawsuit will pass the procedural stages, but it does demonstrate that the FCA qui tam industry is taking a serious look at the MSP area for recovery.
Concerns for the RRE in this area are potentially significant. Only recently has MMSEA data been accepted by CMS for reporting by the RRE. As of 1/1/2010, CMS received quarterly downloads from RREs’ workers’ compensation and no-fault plans that involve cases where Ongoing Responsibility for Medical (ORM) was determined. Pursuant to the CMS User Guides, Regulations, and Memoranda, these RREs must monitor all claims, no matter the case status that were open on 1/1/2010, re-opened or newly reported after that date. Once identified, ORM status is to be reported, but it can be immediately terminated if certain established CMS criteria is met.
On October 1, 2010, CMS started to accept the second MMSEA data element from RREs’ workers’ compensation and liability plans regarding the Total Payment Obligation to Claimant (TPOC) meeting certain value thresholds. These TPOCS, or settlements with Medicare beneficiaries, were collected typically the quarter before reporting, and then submitted during an assigned window period set up by CMS for the RRE.
The reporting requirement under the MMSEA provides a relatively straightforward way to establish a claim/record being submitted to the government under the FCA. Whether or not it is false would depend on the Regulations, Rules, Policies (User Guides) and Memoranda from the government about what and when to report. FCA criteria can be easily met, as it is simple to determine from the data when a claim/record was submitted or if it was missed. Determining whether it is false would be harder, but how claim systems manage information based upon the regulations, rules, and policies could be probative on that point. This exact issue came up in an older FCA case involving a Medicare fiscal intermediary, known as Highmark17. This entity served two roles with Medicare, one as a Medicare contractor processing payment claims, and the other as a private provider of services. An FCA action was brought against Highmark for inconsistent claim processes and the court found basis to sustain the FCA complaint based on the fact that the claims processing system did not properly line up with Medicare requirements. Consistent with that ruling, the CMS User Guides and related policy memoranda would be similarly construed and therefore whether an RRE had a case to report as a TPOC or ORM would be based on how those rules would apply.
An RRE’s exposure to an FCA action is mitigated if the RRE utilizes an MMSEA reporting system that is tested. Most MMSEA reporting systems are compliant with the technical aspects of the CMS User Guides; however, they lack the processes that integrate the CMS regulations, policies and user guide rules to allow the end-user to enter the appropriate data. Most reporting systems lack a MMSEA solution with built-in business intelligence to allow the right information to be entered at the right time. The adjuster responsible to enter the data at the critical points needs to be guided to ensure correct submission of data to the government.
Franco Signor LLC processes over 2M records each month to the government for RREs. We have audited over 1,900 RREs and have drawn the conclusion that the MMSEA reporting systems are sound, but the data being populated by the front-lines is not consistent with known rules, regulations and policies of Medicare. We have recommended business intelligence methodology to guide the adjuster to avoid the potential MSP exposure, as well as the emerging risk of associated FCA exposure. The cost is minimal to secure a base line on MSP compliance performance. Integration of business intelligence takes time, but must be accomplished before MSP penalties become fully enforceable. Do not be the RRE whose MMSEA reporting system and methodology is tested by an FCA or qui tam action.
 U.S. v. Allstate Insurance Company, et al., Case #cv-01015-WMS, U.S. Dist. Court for the Western District of New York.