David Schumacher on Government False Claims Act Investigations [Podcast]

11/02/21 • 15 min

Post By: Adam Turteltaub False Claims Act cases often begin with a whistleblower, and worse, one who had reported the issue to management and nothing was done about it, at least not that the whistleblower knew. David Schumacher (LinkedIn), a partner at the law firm Hooper, Lundy & Bookman and author of the Chapter “Government Investigations” in the new HCCA book False Claims in Healthcare is not surprised. As he explains in this podcast, compliance teams are often completely overwhelmed, making it difficult to determine what call is routine and what possibly raises a real and substantial issue. Another complicating factor: many calls get triaged and sent to teams outside of compliance. These teams may not follow up adequately, or at all. To reduce these risks he recommends remembering that whistleblowers very much want to be heard. As a result, it’s important to respond, document responses to them and ensure that the issues that they raised are followed up on. Once the investigation begins it’s important, he points out, that compliance stay deeply involved, even if legal is running point. The compliance team can assist the investigation, likely has a strong grip on the facts and will play a driving role in any subsequent remedial actions. Once the government gets involved it’s important to realize the potential for disruption, and even paralysis, within then organization. As a result, an aura of calm needs to be projected. Also essential: gathering the documentation and data to demonstrate to the government the effectiveness of the compliance program. That includes information such as the size of the compliance program, its scope of responsibilities, how many audits have been completed, what is on the workplan for next year, how many complaints have been fielded in the last several months (or years), and the number of educational events conducts, just to name a few. And don’t wait to pull these documents together only once an investigation starts. Documenting as you go is much more advisable. Listen in to learn more about how to manage False Claims Act investigations, including what the current focus of the government is.

Previous Episode

Gerry Blass on Healthcare Vendor Risk Management [Podcast]

Post By: Adam Turteltaub Healthcare risk doesn’t stop at the facility’s door. Covered entities have countless business associates (BA), each of which poses risks of its own. That, in and of itself, is a challenge, but Gerry Blass, President and CEO of ComplyAssistant observes in this podcast that many covered entities aren’t even sure of their complete list of vendors, let alone the risks that can reside in them. To get a handle on this situation he recommends creating an inventory of your BAs and then dividing them into high, medium and low inherent risk. That involves looking at what each vendor does and the relative risks involved on a granular level. For example, an electronic medical record (EMR) vendor with a cloud-based solution is going to be inherently high risk. A vendor that transfers but does not store data may be just a medium-level risk. With reports indicating that approximately 60% of breaches occurred at the vendor level in 2021, getting a handle on this risk is critical. Of course, preliminary scoring of the risk level is only the first step. From there the organization needs to get more detailed information to ensure that there are adequate mitigation measures. He recommends putting together a detailed list of questions both to ask during the onboarding process and later as a part of ongoing auditing and monitoring of the BA. Checking in periodically is essential because situations do change. The work being done by the vendor may have evolved, and so may the vendor’s internal risk management efforts. He also advises looking at the BA’s own business associates. A given vendor may rely on 10 others. As a result, it’s important to understand how the risk of the BA’s own BA’s are being managed. Finally, he also addresses the need to reassess risk as organizations return to the workplace, including how remote access is handled. Listened in to learn more about how to improve your healthcare vendor risk management processes.

Next Episode

Kasey Ingram and Rocco Debitetto on Bankruptcy and Compliance [Podcast]

Post By: Adam Turteltaub Bankruptcy doesn’t come up a lot at compliance conferences, but it did at the SCCE 2021 Compliance & Ethics Institute. Kasey Ingram, General Counsel & Chief Compliance Officer at ISK Americas and Rocco Debitetto, Partner at Hahn Loesser addressed the topic, which is one worth considering. There’s no guarantee that any company won’t end up in Chapter 11 or won’t acquire another company going through it. As they explain in this podcast, while the importance of compliance doesn’t change during a bankruptcy, the environment in which it operates transforms dramatically. Chapter 11 is designed to help the company breathe, reorganize, redeploy its assets and hopefully continue to operate. But while for rank and file employees it is likely business as usual (with a good amount of stress added) for management it’s a frantic time. More, who and where compliance reports may be very different. The debtor in possessions appoints officers and managers to run the company, and these individuals may be different than the people the compliance team had reported to. They also are focused on, as quickly as possible, saving the company and getting it back on its feet. Compliance is not a priority. As a result, it’s important for compliance to do two things quickly. First, make sure the new management knows who the compliance team is and what it does. Second, let them know that you are not there to get in the way but to help avoid potential problems that will add greater complexity to the reorganization efforts. On a tactical level there’s a need to ensure that leadership, when reviewing contracts, knows which ones are essential to running the compliance programs. Canceling the helpline contract, for example, may save money but should not be on the table. Compliance also needs to be on the lookout for empty chairs. Chapter 11 is typically a time when there is substantial turnover. Keep a vigilant eye out for departures by people who have compliance responsibilities, and be prepared to backfill the positions. What happens if your company is healthy and acquiring a company out of Chapter 11? Expect insufficient time to do the standard due diligence. The good news is that the US Department of Justice generally understands that post-acquisition due diligence may be necessary, but don’t wait too long to do it. Then if you find issues, be sure they are addressed promptly. In sum, even if bankruptcy seems far away, it’s worth taking the time to listen to this podcast. Even seemingly healthy companies can take a sudden downturn, or acquire another entity that is in Chapter 11.