CMS Release of Medicare Billing Data Combined with Physician Payment Sunshine Act Data May Boost Fraud Litigation: Cloudy Skies Ahead for Providers?
In February 2013, we reported (on our Healthcare Law Blog) that the Centers for Medicare and Medicaid Services (CMS) announced the final rule for the Physician Payments Sunshine Act. In the interest of providing more transparency for patients, the final rule requires pharmaceutical and medical device manufacturers and group purchasing organizations to report payments or transfers of value provided to physicians or teaching hospitals and to report physician ownership and investment interests. The April 2014 deadline for submission of aggregate data and the May 2014 deadline for the submission of detailed data have now passed. CMS has already established a website to display that data beginning in September 2014. In the meantime, also in the interest of transparency, on April 9, 2014 CMS touted the “historic” release of data showing utilization, payments, and submitted charges for services and procedures provided by physicians and other health care professionals to Medicare beneficiaries. As claimed by CMS, this data covers “880,000 distinct health care providers who collectively received $77 billion in Medicare payments in 2012, under the Medicare Part B Fee-For-Service program” and will enable “a wide range of analyses that compare 6,000 different types of services and procedures provided, as well as payments received by individual health care providers.” (See press release. The data is available here.) The consequences of such unprecedented releases of payment/investment interest and Medicare billing data are significant.
While Medicare billing data has always been available to the Government, Sunshine Act data has not been previously available on this scale. According to CMS, compliance with the Act’s reporting requirements does not preclude liability under statutes such as the Anti-kickback Act (41 U.S.C. §51 et seq.). Federal and state prosecutors have already indicated that Sunshine Act reports are a potential source of data for new False Claims Act (FCA) investigations. Moreover, the data could support an inference of off-label marketing if, for example, a pharmaceutical manufacturer makes payments to physicians in unexpected specialties.
Perhaps of more concern is how the qui tam plaintiffs’ bar will react. For fiscal years 2009 – 2013, the DOJ used the FCA to recover $12.1 billion in federal health care dollars, and the vast majority came from qui tam cases. (See here.) Certainly, Sunshine Act and Medicare billing data can be used to corroborate or lend credibility to allegations made by clients, and therefore be considered when undertaking representation in the first place. The data can also serve to provide the claims detail necessary to satisfy Rule 9(b) of the Federal Rules of Civil Procedure. But the data can also be used to generate new allegations in search of a client. Savvy qui tam counsel can be expected to engage in “data mining” to find suspicious activity and then identify potential insiders who can serve as relators. This approach has the potential to overcome the FCA’s public disclosure bar. Actions brought by qui tam plaintiffs, but not the Government, can be dismissed if “substantially the same allegations or transactions” are in the public domain, i.e., “publicly disclosed” in a “Federal criminal, civil, or administrative hearing,” in a “congressional, Government Accountability Office, or other Federal report, hearing, audit, or investigation,” or from “the news media,” “unless … the person bringing the action is an original source of the information.” (31 U.S.C. §3730(e)(4)(A) & (B), as amended by the Affordable Care Act.) Although the specific issue of whether data released on the CMS website constitutes a “public disclosure” under the FCA has not yet been litigated, there is a reasonable likelihood that it will be considered as such. Under the prior version of the FCA, “[c]ourts have … broadly construed the term ‘administrative reports’ to include publicly-searchable databases.” (U.S. ex rel. Doe v. Staples, Inc., 932 F. Supp.2d 34, 40 (D.D.C. 2013), citing U.S. ex rel. Rosner v. WB/Stellar IP Owner, L.L.C., 739 F. Supp.2d 396, 407 (S.D.N.Y. 2010) (holding that public database on city agency’s website was “an administrative report” subject to FCA’s public disclosure bar); see also Schindler Elevator Corp. v. U.S. ex rel. Kirk, — U. S. –, 131 S. Ct. 1885 (2011) (federal agency’s written response to FOIA request for records constitutes a “report” within meaning of FCA’s public disclosure bar).) To qualify as an “original source,” an individual must have either “prior to a public disclosure … voluntarily disclosed to the Government the information” or have “knowledge that is independent of and materially adds to the publicly disclosed allegations or transactions, and … voluntarily provided the information to the Government before filing an action.” (31 U.S.C. §3730(e)(4)(C).) Insiders should be in a position to provide non-public information that “materially adds” to Sunshine Act or Medicare billing data available on the CMS website, such as internal emails and memos, and thus qualify as original sources under the second prong.
In sum, the release of Sunshine Act and Medicare billing data is likely to increase Government investigations and generally benefit qui tam plaintiffs. Thus, in anticipation of the release of Sunshine Act data in September 2014 and given the release of Medicare billing data for 2012—which could continue in future years—now is a good time for prudent health care professionals to go back and review compensation arrangements and billing records to ensure that there are no surprises. And if any irregularities are found, being ahead of the curve provides more options, including potentially seeking entry into the OIG’s voluntary disclosure programs.