Despite the challenges posed by the COVID-19 public health emergency in 2020, the Office of Inspector General, U.S. Department of Health and Human Services (HHS-OIG) entered into the highest number of corporate integrity agreements (CIAs)1 since 2015. The HHS-OIG also entered into seven CIA amendments — far higher than the usual annual tally, highlighting the office’s focus on companies operating under CIAs. Under a new administration, this increase in the number of new and amended CIAs is likely to continue.
The HHS-OIG also continued its enforcement efforts in connection with preexisting CIAs, excluding one entity for failure to pay stipulated penalties or cure the underlying breach and entering into two reportable event settlement agreements related to the payment of improper remuneration. In addition, the HHS Departmental Appeals Board (DAB) upheld the imposition of a $1,322,500 stipulated penalty against a home health company, underscoring both the HHS-OIG’s intent to enforce compliance with CIAs and the need for companies to carefully follow CIA requirements.
The Year in Numbers: CIA Statistics2
The HHS-OIG entered into 47 new CIAs and IAs in 2020,3 10 more CIAs than in each 2018 and 2019. Of the 54 total agreements in 2020, seven were amendments to prior CIAs, 24 were IAs, 22 were CIAs and one was a recipient compliance agreement.4
Sector Breakdown of New CIAs in 2020
As in prior years, the majority of the IAs involved individuals, small group practices or small providers, although the total number of such IAs (21) is higher than previous years. By sector, physician practices accounted for the most CIAs, beyond which concentration a substantial number of CIAs did not neatly fall into any sector but into the “Other” category that included, for example, a charitable organization, a hospice center, and a home health care and equipment services provider. The number of CIAs involving drug and device makers remained fairly consistent, with only two fewer than in 2019. The type of entities entering into CIAs has remained fairly consistent since 2017: physicians or small providers (51), hospitals or health systems (25), nursing home, rehab and long-term care facilities (21), drug or device makers (19), and pharmacies and pharmacists (8).5
Top Sectors Represented by New CIAs From 2017-2020
Notable CIAs and Trends
Amendments. Like the number of CIAs, the number of CIA amendments also increased in 2020. Although the HHS-OIG typically enters into one or two amendments per year, 2020 saw seven such agreements. One amendment postponed the CIA’s effective date to account for the demands of the pandemic and another added a party to account for corporate restructuring. One amendment highlighted the HHS-OIG’s close review of compliance programs, adding additional compliance obligations to address concerns regarding patient safety issues and CIA adherence. The majority of amendments (four) required revisions to IRO review provisions and altered stipulated penalties for claims reviews. In particular, the HHS-OIG replaced an IRO review with a skilled nursing facility claims review and required stipulated penalties of $2,500 for each day the companies fail to submit claims review reports or to repay any overpayment identified by the IRO.
Continued Novel and Enhanced Provisions. As originally highlighted in our 2019 HHS-OIG Year in Review, the HHS-OIG has continued to include entirely novel provisions in CIAs. For example, the Novartis Pharmaceuticals Corporation CIA involved extensive compliance provisions and fundamental changes to the company’s speaker program that restricted the company’s ability to engage in such programs and limited speaker remuneration to below the industry standard.6 The year-over-year use of innovative and company-altering requirements reveals the HHS-OIG’s intention to heavily regulate company practices — and, by example, industry practices — it views as out-of-step with federal laws, rules and regulations.
As a result, CIA trends that were previously considered novel and unique are beginning to seem more common. Despite including the requirement in only one drug or device maker CIA in 2019, the HHS-OIG required the boards of directors of three drug and device makers to engage compliance experts to review the effectiveness of the compliance programs in 2020. Similarly, the HHS-OIG continues to require drug and device makers to implement financial recoupment programs to put annual performance pay at risk of forfeiture and recoupment if an individual is determined to have engaged in significant misconduct. Although the HHS-OIG required the recoupment provisions once per year in 2017, 2018 and 2019, it did so twice in 2020.
Drug and Device Maker CIAs. Recent CIAs with drug and device makers have largely focused on donations to and relationships with ICFs. In 2019, seven of 19 drug and device maker settlements related, at least in part, to ICFs, compared to four of 13 settlements in 2020. The ICF-related settlements equated to 75% of drug and device maker CIAs in 2019, and only 33% of CIAs in 2020. Instead, drug and device maker CIAs in 2020 addressed a broad range of allegations, including problematic speaker programs, kickbacks, and improper marketing and promotion. Given the high number of ICF-related settlements to date, this downward trend is likely to continue.
Despite the HHS-OIG’s general trend of not requiring CIAs in drug and device maker settlements under $25 million, 2020 proved to be an aberration. Of the six drug and device maker CIAs, four were tied to settlements under the threshold sum. Although the HHS-OIG does not generally comment on the reasons for implementing (or not implementing) a CIA, it can be surmised that these settlements required a CIA because the allegations either involved an ICF (one), potentially implicated patient health and safety issues (two), or addressed a compliance program that lacked support and commitment from company leaders (one).
OIG Actions for CIA Violations
In 2020, the HHS-OIG imposed stipulated penalties against only one company for failure to comply with preexisting CIA obligations. The entity, a home health care provider, was excluded by the HHS-OIG for a material breach of the CIA after it did not pay the stipulated penalty imposed for its failure to submit a second annual report. The company did not request a hearing, and the exclusion took effect on August 12, 2020. Separately, two companies disclosed conduct under a preexisting CIA that resulted in reportable event settlement agreements with the HHS-OIG. In both instances, the companies reported paying improper remuneration: one to hospital senior executives and the other to physician entities. The settlement agreements totaled $50,250 and $910,450, respectively.
Perhaps most notably, in June 2020, the DAB upheld the imposition of a $1,322,500 stipulated penalty against a home health care company for breach of its CIA. The HHS-OIG had demanded stipulated payments based on the entity’s failure to make repayment of overpayments, calculating the total number of days during which each of the overpayments remained outstanding multiplied by the penalty of $2,500. The DAB upheld the HHS-OIG’s position that the “CIA’s auditing and repayment provisions created independent obligations to repay overpayments to Medicare and Medicaid, and that each time the [entity] violated those obligations to repay overpayments, it created a separate basis for OIG to demand stipulated penalties.”7 In addition, the CIA authorized “per-day stipulated penalties to run concurrently for each failure to make timely repayment.”8
CIAs continue to be an important tool for the HHS-OIG to ensure companies involved in health care fraud settlements have robust compliance programs, while the agreements also set de facto guidelines for compliance programs in key areas (e.g., speaker programs). Once novel provisions are being required more frequently (e.g., board engagement of compliance experts), and the HHS-OIG has maintained its focus on compliance controls around the drivers of behavior, including incentive compensation for sales personnel and overall compensation for company executives. Companies should continue to assess their own compliance programs against the evolving controls imposed under CIAs, with a focus on the highest-risk activities and the reward systems that the government believes can contribute to company misconduct.
1 Unless otherwise noted, the term corporate integrity agreement, or CIA, refers to both corporate integrity agreements and integrity agreements (IAs).
2 Placing each company within a single sector is sometimes more art than science. We generally relied on DOJ press releases and company websites to determine a company’s primary type of business.
3 The figures include the CIAs posted to the HHS-OIG’s website as of January 25, 2021.
4 The recipient compliance agreement, entered into with an HHS grant recipient, is designed to promote compliance with federal award requirements.
5 The figures are pulled from previous Skadden alerts and should be considered approximate, as the HHS-OIG may have posted new CIAs after the release of the articles. See Skadden client alerts “Health Care Investigation Trends: Corporate Integrity Agreements No Longer a Given” (March 26, 2018); “HHS OIG Closes 2018 With New Fraud Risk Indicator for Corporate Integrity Agreements” (Jan. 15, 2019); HHS-OIG Year in Review: Pharma and Medical Device CIAs Increase, Include Novel Provisions (Jan. 21, 2020).
6 For additional information, see Skadden’s client alert “HHS-OIG Signals Increasing Skepticism of Speaker Programs, Identifies Practices That Raise Compliance Red Flags” (Nov. 23, 2020).
This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.