Photo of Matthew J. Westbrook

Matt is an associate in the Corporate Department and a member of the Health Care Group.  His practice focuses on providing regulatory compliance advice for the Firm’s health care clients, including service providers, health plans, operators, investors, and lenders, among others.  Matt specifically provides advice on fraud and abuse matters arising under the Federal False Claims Act (FCA), Civil Monetary Penalties Law (CMPL), Federal Anti-Kickback Statute (AKS), and Physician Self-Referral Law (Stark Law), as well as on the regulations promulgated by the Drug Enforcement Administration (DEA) and the Department of Health and Human Services, including the Office of Inspector General (OIG), Centers for Medicare & Medicaid Services (CMS), and Food and Drug Administration (FDA).

The U.S. Department of Health and Human Services Office of Inspector General’s (OIG) core responsibility is to promote efficiency and economy in myriad programs by eliminating fraud, waste and abuse.  For years, compliance professionals have come to rely on OIG’s advisory opinions, special fraud alerts, advisory bulletins and industry-specific guidance

The U.S. Department of Health and Human Services (“HHS”) has expanded upon its recent Healthcare Sector Cybersecurity Concept Paper (which we covered in a prior blog post), issuing cybersecurity performance goals (“CPGs”) for the healthcare and public health (“HPH”) sector. These CPGs aim to help healthcare organizations protect against

The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data breaches in healthcare from 2018 to 2022 and a rapid increase in ransomware attacks against

Last month, the Office of Inspector General (OIG) for the U.S. Department of Health and Human Services reaffirmed its longstanding position that an arrangement that “carves out” Federal health care program (FHCP) business is not dispositive with respect to whether such arrangement implicates the Federal Anti-Kickback Statute (AKS).  Specifically, OIG

On June 16, 2023, the Supreme Court (the “Court”) in United States ex rel. Polansky v. Executive Health Resources affirmed the federal government’s power to dismiss a False Claims Act (“FCA”) action brought under the qui tam provisions whenever it chooses to intervene. Polansky is the second FCA case this summer in which the Court has ruled in favor of the federal government—i.e., the Department of Justice, acting through the Attorney General (“DOJ”). Writing for an 8-1 majority, Justice Kagan explained that DOJ receives considerable deference, even over the objection of the individual who raised the action (i.e., the relator or whistleblower), to dismiss cases that are inconsistent with DOJ’s interests.

In a unanimous opinion, the United States Supreme Court (“Court”) recently held that the False Claims Act’s (“FCA”) scienter requirement refers to a defendant’s knowledge and subjective beliefs, rather than what a hypothetical reasonable person could have known or believed.  As supported by the text of the FCA itself and by its common‑law roots, the Court explained that the “focus is what a defendant thought when submitting a claim—not what a defendant may have thought after submitting it.”  Consequently, the Court vacated the holding of the Seventh Circuit and remanded the matter for further proceedings consistent with the Court’s opinion.  Because the Seventh Circuit had affirmed a Federal district court’s grant of the defendants’ motions for summary judgment, the Court’s opinion effectively revives the FCA claim against the defendants.

We previously wrote about the United States Department of Justice’s (“DOJ”) Civil Cyber-Fraud Initiative (“CCFI”), which “aims to hold accountable entities or individuals that put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.”  In that post, we summarized DOJ’s first two False Claims Act (“FCA”) resolutions pursuant to the CCFI, which amounted to more than $9 million in recoveries.

In an important decision limiting the reach of the Federal Anti-Kickback Statute (42 U.S.C. 1320a-7b(b)) (“AKS”) and its application to violations of the False Claims Act (31 U.S.C. 3729, et seq.) (“FCA”), the U.S. Court of Appeals for the Sixth Circuit (“Sixth Circuit”) recently contended that, “[w]hile the word remuneration may be broad, it customarily requires a payment or transfer of some kind,” and mandated “but-for” causation standard for determining whether claims paid by Federal health care programs were tainted by an AKS violation such that they violated the FCA.  See U.S. ex rel. Martin et al. v. Hathaway, et al., Case No. 22-1463, at 11 (6th Cir.) (appeal from 1:19-cv-00915, ECF Doc. No. 108 (W.D. Mich.)) (emphasis added).

On Friday, March 31, 2023, the Centers for Medicare & Medicaid Services (CMS) released the Calendar Year (CY) 2024 Medicare Advantage (MA) Capitation Rates and Part C and Part D Payment Policies (Rate Announcement). This Rate Announcement follows CMS’s February 1 notice of planned changes to rates and the risk adjustment methodology, which provided an opportunity for the public to submit comments during a 30-day period (Advance Notice), as required by Section 1853(b)(2) of the Social Security Act (the Act). The Rate Announcement — providing for 60 days prior to the bid submission deadline of June 5, 2023 — provides notice of the annual capitation for MA for CY2024 related to the benchmark, risk adjustment, and other factors to be used in adjusting rates and responds to all substantive comments received from the Advance Notice.

We summarize the key factors and adjustments to the overall expected average rate increase of 3.32% (which is about $13.8 billion more than CY2023, and an increase from the 1.03% in the Advance Notice), and comments from CMS. We also highlight other key developments affecting MA rates, notably relating to the MA risk adjustment methodology (the 2024 Risk Model). Major changes identified in the Rate Announcement include updates to the risk adjustment model that uses International Classification of Diseases (ICD)-10 codes instead of the ICD-9 system, using data from 2018 diagnoses and 2019 expenditures, and the removal or reclassification of codes disproportionately coded in MA compared to Medicare Fee-For-Service (FFS) that CMS does not consider to accurately reflect increased costs to care for beneficiaries.

On February 6, 2023, a judge for the United States District Court for the Eastern District of Texas (“Texas District Court”) ruled in favor of the Texas Medical Association (“TMA”) and against the United States Departments of Treasury, Labor, and Health and Human Services (the “Departments”) over a challenge to