OIG urges self-reporting of improper conduct, but risk may be too high
OIG urges self-reporting of improper conduct, but risk may be too high
Weigh consequences carefully before speaking up
Now that the Office of the Inspector General (OIG) is urging health care providers to self-report improper conduct, some risk management experts are warning that you must consider the consequences carefully before doing anything.
The OIG’s recent statement should be taken with a grain of salt, says Roy Bossen, JD, a partner with the law firm of Hinshaw & Culbertson in Chicago. He has represented hospital and physician groups in transaction and regulatory matters for more than 20 years. While it sometimes may be a good idea to step forward and admit to wrongdoing, Bossen explains that there is more than one way to view each situation.
Most hospitals like to do the right thing’
"I wouldn’t say automatically disclose or not disclose," Bossen tells Healthcare Risk Management. "Most hospitals like to do the right thing, and a lot of times there is the initial rush to judgment, saying, The right thing is to report.’ But maybe the right thing is to determine whether there is a duty to disclose and how that might impact the institution."
The open letter from the OIG appears to be an appeal for providers to follow their conscience in alerting the OIG to improper conduct, and it offers some incentives for doing so. There’s nothing wrong with that in principle, Bossen says, but if you look at the question from all angles, you might indeed decide that self-reporting is the right thing to do and will not unnecessarily expose your organization to liability, he says. But you might not. (See p. 51 for more on the OIG’s open letter urging self-disclosure.)
OIG isn’t necessarily your friend
While emphasizing that there is no need for a combative approach to compliance, Bossen also says providers should not be lulled into thinking the OIG is a friend looking out for their best interests. That has to factor into any decision about whether to self-disclose, he says.
"You need to remember what the purposes of the OIG and the federal government are," he says. "They want to make sure there is no fraud and abuse, but they also are trying to maximize savings and revenue for the federal government. So they are always going to want you to come forward, but that doesn’t mean you have to."
Each case must be assessed individually, Bossen says, and the first question is whether there is a legal duty to report the improper conduct. If the answer is yes, your path is clear. If the answer is no, then you have to decide whether reporting to the OIG would result in any benefits to your organization, have little effect on the eventual outcome, or have detrimental effects. That question may be the one you have to tackle with most situations in which self-disclosure is a possibility.
Bossen says risk managers should read between the lines in the OIG’s open letter and see the real intent. Beyond urging self-disclosure, the OIG’s letter really is a call for a strong compliance program in health care organizations, he says. In the end, the OIG is going to be more interested in whether you had a strong compliance program to avoid and detect problems, he says, and not so much whether you decided to report the problem.
"The letter is trying to say where the OIG and the health care industry have come in a few years in terms of compliance," he says. "Your compliance programs should result in internal policing, and this letter is a plea for internal policing. And whenever your internal policing uncovers something improper, sometimes the next step is disclosure."
In the letter, Inspector General June Gibbs Brown says, "Perhaps the best evidence that a provider’s compliance program is operating effectively occurs when the provider, through its compliance program, identifies problematic conduct, takes appropriate steps to remedy the conduct and prevent it from recurring, and makes a full and timely disclosure of the misconduct to appropriate authorities."
The OIG’s open letter addresses only "improper conduct" that may rise to the level of criminal conduct, says OIG spokeswoman Alwyn Cassil. "This self-disclosure involves a situation where there is a belief on the part of the provider that they have uncovered conduct in the organization that may be a violation of the law," she says. "Providers have a responsibility when they determine overpayments also, but the self-disclosure protocol is aimed more specifically at when there may be a violation of the law."
The potential benefits of self-disclosure merit serious consideration, Bossen says. The OIG is offering to take it easy on those who voluntarily report improper conduct, and Bossen says that offer could be significant. Especially if it appears the improper conduct could be discovered anyway, without self-disclosure, the OIG’s offer may make it worthwhile to report it instead of hoping no one finds out.
The increasing chance of an audit means self-disclosure may be the best route, says Debra Wolter, CPC, practice leader for provider education with the MMI Group, a risk management consulting firm in Deerfield, IL. She says self-disclosure usually is the right move, though she agrees with Bossen that you will need to consider each individual case carefully.
"It probably is more beneficial to self-disclose because the federal audit initiative is building. It’s now a question of, When will I be audited?’ not, Will I be audited?’" she explains. "There’s not as much chance now that you just won’t be found out if you choose not to self-disclose."
Wolter also notes that risk managers should expect differing opinions when the question comes up. Compliance officers are more likely to recommend self-disclosure because they see it as consistent with the spirit of a compliance program and as a better strategy than waiting for an audit. But chief financial officers, she says, are more likely to gamble that the infraction will never be discovered.
"You’re really weighing the possible outcomes," Wolter says. "When I put on my compliance officer hat, I think you should self-disclose. But when I put on my risk manager hat, I’m inclined to sit down with an attorney and look at all the pros and cons."
What is the flip side of the OIG’s offer to go easy on those who self report? Will the OIG try to punish those who don’t self-disclose but whose problems eventually are discovered by the OIG anyway? Bossen doesn’t think so.
"They may look at you a little differently and perhaps less favorably, but then it’s incumbent upon you to explain rationally why you thought there was no duty to disclose," he says. "You might be in a little worse position if you didn’t disclose, but they really want to see that you had a process in place and were self-policing. If you can show that, the fact that you didn’t self-disclose may be less important."
Wolter points out another risk that should be considered when deciding whether to self-disclose: Your report could open the door to investigations you did not anticipate. If you go to the authorities with a specific infraction to report, they may see that as justification for other investigations.
"Once you begin, there’s no guarantee that it will be limited to that one thing you want to report," she says. "They might start asking questions, and you’ve opened the door by self-disclosing. That’s a possibility that you and your attorney have to factor into your decision."
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.