This article was originally published on the Access+ portal for ByrdAdatto Access+ members. Enjoy this free access to learn more about compliance in a regulatory health care environment.
Anyone who has been in the health care industry understands the complexity of compliance. The health care industry is constantly changing as rules, regulations, interpretations and enforcement activities constantly evolve potentially altering the landscape and requiring modifications to existing arrangements. In addition, compliance is fact dependent meaning arrangements must be independently evaluated because changes in facts and circumstances can alter an analysis or conclusion with respect to compliance.
As a result, many times there are no clear cut answers, instead requiring an assessment of risks with the decision coming down to one’s own risk tolerance. Think of a spectrum where one end is black (illegal conduct & orange jumpsuits), the other end is white (fully compliant = no worries, be happy), and in between are the shades of grey. Frustratingly, most arrangements fall within the shades of grey. So to ensure compliance you must: (1) analyze all of the facts in light of all of the rules; (2) narrow down where on the spectrum a particular arrangement falls; and then (3) conduct a risk assessment to make an informed decision. Simple, right?
As you can imagine, navigating the spectrum and determining compliance can be difficult even for health care attorneys with decades of experience. This article then is not meant to be a tutorial on how to conduct an analysis or a dive deep into the details of all the health care laws (“I would love to know all there is to know about Stark!” said no one ever). Instead, the focus is to equip you with enough knowledge to simply be able to spot red flags and ask the right questions.
In health care there are numerous laws, rules and regulations that exist and many are so frequently referenced you may feel like they all always apply. Yet, it is critical to understand which laws actually apply to a given situation so you’re not left running down a regulatory rabbit hole spotting imaginary red flags.
The first place to start are with federal laws, rules and regulations. These are typically the laws that are most well-known and referenced because of the frequency in enforcement (and media attention) by Federal government agencies such as the Office of Inspector General (OIG), Department of Justice (DOJ), Federal Bureau of Investigations (FBI), and Centers for Medicare and Medicaid (CMS). Federal laws also have the most developed guidance for compliance through the publication of regulations, issued advisory opinions and case law.
Even when you conclude certain federal laws won’t directly apply, it is important to still be aware of them because state laws can point to, mirror, or follow their federal counterpart. The two primary federal health care laws for any arrangement are Stark and Anti-Kickback. Despite these being the most commonly encountered federal laws, there are numerous other laws that may apply to a particular situation and shouldn’t be overlooked whether it is the Eliminating Kickbacks in Recovery Act of 2018, Physician Payment Sunshine Act, or Health Insurance Portability and Accountability Act of 1996.
Stark is the federal physician self-referral prohibition preventing physicians from making referrals for “designated health services” (“DHS”) payable by Medicare or Medicaid to entities with whom they (or an immediate family member) have a financial relationship. DHS are specific types of services that include among others, clinical laboratory services, inpatient and outpatient hospital services, radiology and certain other imaging services, durable medical equipment and outpatient prescription services. Financial relationships include both direct or indirect ownership, investment interests or compensation arrangements.
Recognizing the existence of several common, legitimate financial arrangements, exceptions to the general prohibition were created. Therefore, even if an arrangement initially triggers Stark, the arrangement can still be permitted but only if it meets all of the requirements of a specific exception. Failure to meet one element of an exception means the arrangement violates Stark (unless another exception applies) and is therefore prohibited. Because of this bright line rule (meaning you either meet it or you don’t), any regulatory analysis must begin here.
Stark is a civil statute where penalties for physicians who violate it include fines as well as exclusion from participation in Federal Programs (defined below).
Most important to understand about Stark is that it only applies if referrals involve patients covered by Medicare or Medicaid (in whole or in part, and whether as a primary or secondary payer). Therefore when no Medicare or Medicaid patients are involved, Stark will not apply. Also, “physician” is a defined term under Stark and only includes doctors of medicine or osteopathy, dental surgery or dental medicine, podiatric medicine, optometry, and chiropractors. This means Stark does not apply to nurse practitioners, physician assistants, registered nurses, any other licensed professional, or unlicensed individuals. While each of these narrow the scope for when Stark will actually apply to a particular arrangement, it still remains the starting point.
Federal Anti-Kickback prohibits any person from knowingly and willfully soliciting, receiving, offering or paying any remuneration (including any kickback, bribe, or rebate) directly or indirectly, overtly or covertly, in cash or in kind, to any person, in return for or to induce such person to do either of the following: (1) refer an individual to a person for the furnishing or arranging for the furnishing of an item or service for which payment may be made in whole or in part under Medicare, Medicaid, TRICARE or other Federal health care programs (as defined by 42 U.S.C. § 1320a-7b(f)) (“Federal Programs”); or (2) purchase, lease, order or arrange for or recommend the purchasing, leasing or ordering of any good, facility, service or item for which payment may be made in whole or in part under any Federal Program. It has been broadly interpreted to cover any arrangement where one purpose of the remuneration was to obtain money for the referral of services or to induce further referrals. Furthermore, remuneration is more than just payment of funds and has been interpreted to be anything of value.
The OIG enacted “safe harbors” to protect those arrangements it deemed not likely to result in abuse of the Federal Programs. Arrangements that satisfy every element of a particular safe harbor are not considered violations and would not be grounds for prosecution. However, unlike Stark, failure of an arrangement to meet every element of a safe harbor does not make the arrangement illegal, per se, but instead heightens the potential that the arrangement may be scrutinized by the OIG and requires a navigation through the shades of grey.
Federal Anti-Kickback is a criminal law with criminal penalties and administrative sanctions for violations including fines, jail terms, and exclusion from participation in the Federal Programs. Additionally, the Secretary of the Department of Health and Human Services (“HHS”) has the authority to exclude providers, including individuals or entities, who have committed any of the prohibited acts, from participation in the Federal Programs.
The broad language of the statute and its interpretations means the Federal Anti-Kickback must be considered when any arrangement or model involves patients covered by Federal Programs. In addition, unlike Stark that only applies to “physicians,” Federal Anti-Kickback applies to all sources of referrals, including patients. However, most important to understand about Federal Anti-Kickback is that it only applies if referrals involve patients covered by Federal Programs (in whole or in part, and whether as a primary or secondary payer). Therefore when no Federal Program patients are involved, Federal Anti-Kickback will not apply.
A brief discussion is needed on the Travel Act, a federal law criminalizing business activities illegal on the state level. The Travel Act generally provides that it’s a federal felony to engage in interstate commerce with the intent to promote or carry on any unlawful activity – which includes violation of a state bribery law (see discussion below). In 2013 federal prosecutors in New Jersey, and more recently federal prosecutors in Texas, used the Travel Act to transform violations of state bribery laws into violations of federal law in connection with kickback and payment for referral schemes. Because of this federal strategy, it is important to be aware that health care arrangements must include a risk assessment of the application of the Travel Act since the possibility of the federal government’s involvement naturally increases risk and the specter of scrutiny.
The next place to navigate (and likely where you will spend the most time) are state laws, rules and regulations. Unlike the federal laws, state laws typically are not as actively enforced publicly nor do they have as much developed guidance for compliance. This commonly creates two issues: (1) an uncertainty as to how to quantify the level of risk associated with an arrangement in relation to the applicable state laws; and (2) a misperception that a lack of enforcement means no risk at all. Even residing in a state with no enforcement history by state agencies, it is critical to consider the applicable laws because violations can still be relied upon by third parties such as licensing boards, insurance payors, and even parties with whom you’ve contracted. When it comes to state laws, the same types of prohibitions as those on the federal level will typically be encountered.
Similar conceptually to Stark, some states can contain laws prohibiting self-referrals (also known as baby Stark…….doo doo doo doo doo doo – you know you were thinking the same thing).
In California, the Physician Ownership and Referral Act of 1993 (“PORA”), as well as California Labor Code Section 139.3 (workers compensation) contains prohibitions against self-referral making it unlawful for a licensee to refer a person for laboratory, diagnostic nuclear medicine, radiation oncology, physical therapy, physical rehabilitation, psychometric testing, home infusion therapy, or diagnostic imaging goods or services if the licensee or his or her immediate family has a financial interest with the person or in the entity that receives the referral. While in Florida, its Patient Self-Referral Act of 1992 provides a health care provider may not refer a patient: (1) for the provision of designated health services to an entity in which the health care provider is an investor or has an investment interest; and (2) for the provision of any other health care item or service to an entity in which the health care provider is an investor unless certain exceptions apply. Finally, Maryland’s Health Occupations Code contains broad prohibitions on physician self-referrals. Specifically, the physicians and other health care practitioners licensed by the Maryland State Board of Physicians may not refer a patient, or direct an employee or contractor to refer a patient, to a health care entity where any of the following are true: (1) the physician or the physician in combination with their immediate family owns any beneficial interest in the health care entity; (2) the physician’s immediately family owns a beneficial interest of three percent or greater in the health care entity; or (3) the physician, their immediate family, or the physician in combination with their immediate family has a compensation arrangement with the health care entity.
These state self-referral laws are implemented on the premises that the referral of a patient by provider to another provider of service in which the referring provider has a financial interest represents a potential conflict of interest. As was the case with Stark, state self-referral prohibitions may apply to a limited set of payor sources (i.e. state Medicaid programs) or be payor indifferent (doesn’t matter who makes payment, even cash). They could apply to a limited set of health care services (i.e. designated health services) or apply to any health care service being referred. Once again since these self-referral laws tend to be more bright line rules similar to Stark, any state level analysis should begin here.
Ancillary to the state self-referral prohibitions are state laws requiring certain disclosures be made to patients. In Texas, a person commits an offense if the person accepts remuneration to secure or solicit a patient or patronage for a person licensed, certified, or registered by a state health care regulatory agency and does not, at the time of initial contact and at the time of referral, disclose to the patient: (1) the person’s affiliation, if any, with the person for whom the patient is secured or solicited; and (2) that the person will receive, directly or indirectly, remuneration for securing or soliciting the patient. The most basic disclosure requirement in California is contained in Business and Professions Code §654.2 which requires all licensed health care providers to disclose to patients “significant beneficial interests” that a licensee or any member of the licensee’s immediate family may have in any organization to which the licensee refers patients. The disclosure must be made before the referral is made. These types of state disclosure requirements may not necessarily prohibit a particular arrangement but instead puts forth important steps that must be followed.
More so than baby Stark, more states have some form of state law, rule or regulation prohibiting payments for referrals.
In Texas, the Texas Occupation Code states that a person commits an offense if the person knowingly offers to pay or agrees to accept, directly or indirectly, overtly or covertly any remuneration in cash or in kind to or from another for securing or soliciting a patient or patronage for or from a person licensed, certified, or registered by a state health care regulatory agency. The exception to this rule permits any payment, business arrangement, or payment practice permitted by the Federal Anti-Kickback or any regulation adopted under it such as the safe harbors. Florida’s Patient Brokering Act makes it unlawful for any person, including any health care provider or health care facility, to: (a) offer or pay a commission, benefit, bonus, rebate, kickback, or bribe, directly or indirectly, in cash or in kind, or engage in any split-fee arrangement, in any form whatsoever, to induce the referral of a patient or patronage to or from a health care provider or health care facility; (b) solicit or receive a commission, benefit, bonus, rebate, kickback, or bribe, directly or indirectly, in cash or in kind, or engage in any split-fee arrangement, in any form whatsoever, in return for referring a patient or patronage to or from a health care provider or health care facility; (c) solicit or receive a commission, benefit, bonus, rebate, kickback, or bribe, directly or indirectly, in cash or in kind, or engage in any split-fee arrangement, in any form whatsoever, in return for the acceptance or acknowledgment of treatment from a health care provider or health care facility; or (d) aid, abet, advise, or otherwise participate in the conduct prohibited under paragraph (a), paragraph (b), or paragraph (c).
Meanwhile, California has two primary prohibitions on kickbacks. The most commonly referenced is California Business and Professions Code Section 650 stating the offer, delivery, receipt, or acceptance by any person licensed under the Healing Arts division or the Chiropractic Initiative Act of any rebate, refund, commission, preference, patronage dividend, discount, or other consideration, whether in the form of money or otherwise, as compensation or inducement for referring patients, clients, or customers to any person, irrespective of any membership, proprietary interest, or coownership in or with any person to whom these patients, clients, or customers are referred is unlawful. California’s Health & Safety Code Section 445 also provides no person, firm, partnership, association or corporation, or agent or employee thereof, shall for profit refer or recommend a person to a physician, hospital, health-related facility, or dispensary for any form of medical care or treatment of any ailment or physical condition.
The difficulty with navigating the state anti-kickback laws is that not only do they tend to be broadly written, but a lack of public guidance or enforcement can make it difficult to understand the nuances and safe harbors for compliance. For example, Texas’s anti-kickback law is a broadly written, payor indifferent statute that is known within the industry for lacking any meaningful enforcement from a state governmental agency. However, an apparent lack of enforcement doesn’t negate the application of the law to a particular arrangement; instead, it may be a factor to consider when determining the level of risk of involved.
State bribery statutes include not only those prohibiting commercial bribery, but also those addressing illegal remuneration regarding improper payments in connection with referrals for services. As discussed above, both Texas and New Jersey have played a major role in enforcement.
Under the Texas Commercial Bribery Statute, a person who is a fiduciary commits an offense if, without the consent of his beneficiary, he intentionally or knowingly solicits, accepts, or agrees to accept any benefit from another person on agreement or understanding that the benefit will influence the conduct of the fiduciary in relation to the affairs of his beneficiary. A “fiduciary” specifically includes a physician, and a “beneficiary” means a person for whom a fiduciary is acting. An offense under the Texas Commercial Bribery Statute is a state jail felony. Similarly in New Jersey, a person commits a crime if he solicits, accepts or agrees to accept any benefit as consideration for knowingly violating or agreeing to violate a duty of fidelity to which he is subject, including as a physician.
Both of these state bribery laws led to the novel use of the Travel Act (described above) by the federal government to prosecute actions otherwise strictly state focused. This is why any risk assessment of an arrangement, even if only dealing with level issues and no Federal Programs, must not only assess the risk from a state enforcement perspective but also take into account the possibility the federal government could become involved.
If there is any one thing to take away from this article it is that navigating the health care regulatory environment is not easy. There are numerous factors that must be taken into account and there can be several paths needed to ultimately get to a conclusion regarding compliance. While the first step is to put yourself in position to spot the red flags by generally understanding the federal and state laws, and other rules and regulations that may apply, the work doesn’t stop there.
Because compliance is so fact dependent, you must be prepared to disclose all aspects surrounding a potential arrangement, including describing in detail all parties and relationships involved. Even though a particular arrangement in a vacuum may appear to be compliant, the presence of other facts can quickly change that conclusion. A healthy and solid regulatory analysis is one that has considered all facts and circumstances involved. This includes the intent of the parties or past discussions that have been involved. When dealing with intent based statutes (i.e. Federal Anti-Kickback), the intent of the parties can be key pieces of evidence despite the documents themselves appearing to be fully compliant on their face.
Finally, once you’ve obtained an analysis and understand what is necessary to establish a compliant arrangement, you must be prepared to implement the arrangement exactly as described in the documents themselves. Deviation from the terms of an arrangement or understanding, ever so slightly, immediately creates a potential issue with the underlying compliance analysis (again fact dependent). Prior to any deviation or change in terms, such change must be evaluated separately in the context of the overall model to determine whether a compliance issue will arise and if there is any increase in the overall risk.
For more information on regulatory compliance, schedule a consult with us at email@example.com.