OIG Publishes Revised Provider Self-Disclosure Protocol

On April 17, 2013, the Department of Health and Human Services, Office of Inspector General ("OIG") issued an Updated Provider Self-Disclosure Protocol ("SDP") published on its website. According to the OIG, the revised protocol supersedes and replaces the 1998 Federal Register Notice and previous OIG guidance provided in three Open Letters to Health Care Providers published in 2006, 2008, and 2009.

The revised SDP incorporates several noteworthy comments, clarifications, and additional instruction including:

  • A formally "instituted" presumption against requiring integrity agreement obligations in consideration for a release of the OIG's permissive exclusion authority.
  • Acknowledgement that individuals or entities seeking resolution through the SDP process "deserve" the benefit of a lower multiplier on damages. Specifically, the OIG discussed its practice of utilizing a minimum multiplier of 1.5 times single damages, although retaining the right to use a higher multiplier when deemed appropriate.
  • Recognition that participation in the SDP may mitigate potential exposure under the 60-day mandatory repayment provisions governing overpayments.
  • Acknowledgement that all health care providers, suppliers, as well as other individuals or entities, including pharmaceutical and medical device manufacturers, subject to the OIG's civil monetary penalty ("CMP") authorities are eligible to use the SDP.
  • A streamlined process to limit the average time a case is pending to less than 12 months, while reducing the timeframe to submit internal investigation findings to 90 days from the date of the initial submission.
  • Clarification that entities utilizing the SDP will be expected to waive and not to plead statute of limitations or other similar affirmative defenses to administrative actions filed by the OIG.
  • Clarification and further guidance regarding the methodologies to be utilized when calculating damages under three different disclosure categories.


The protocol identifies the types of health care entities eligible for participation in the SDP and specifically what conduct is and is not eligible for acceptance into the SDP. The OIG clarified the SDP is available not only to health care providers and suppliers, but also other individuals or entities that are subject to the OIG's CMP authorities, such as pharmaceutical and medical device manufacturers. Because the SDP is intended to resolve matters that, in the disclosing party's "reasonable assessment," potentially violate federal criminal, civil, or administrative laws for which CMPs are authorized, the OIG expressly requires that the disclosing party's submission itemize the particular law or laws potentially violated. The OIG also instructs disclosing parties to acknowledge the identified conduct constitutes a potential violation of law(s), including, where applicable, the Anti-Kickback Statute ("AKS") and Stark Law.

The OIG highlights an expectation that disclosing parties resolve "all liability within the CMP law's six year statute of limitations." Further, the OIG requires "as a condition precedent" to acceptance into the SDP, the disclosing party to agree to waive and not to plead statute of limitations, laches, or any similar defenses to any administrative action filed by the OIG relating to the disclosed conduct, unless such defenses existed on the date of the SDP submission.

Finally, the OIG instructs disclosing parties that corrective action should be taken "prior to disclosure" to ensure the conduct has ended; however, if the disclosed conduct relates to an improper kickback arrangement that is not terminated at the time of submission, the disclosing party should ensure it is terminated and corrective action implemented within 90 days of SDP submission.

Disclosure Requirements

Similar to the 1998 self-disclosure protocol, the revised SDP requires the disclosing party to conduct an internal investigation and report its findings to the OIG in its submission. The narrative description requirements are comparable to those of the previous protocol; however, the revised SDP also requires the disclosing party provide the name of an individual authorized to enter into a settlement agreement on behalf of the disclosing party. Additionally, the SDP details  disclosure requirements for three specific categories: false billing, excluded persons, and the AKS and Stark Law.

Disclosures Involving False Billing

A disclosure relating to the submission of improper claims must include an estimate of the improper amount or "damages" paid by the federal health care program. The OIG advises that the estimation of damages should be based on either a review of all claims affected by the disclosed matter or a statistically valid random sample capable of extrapolation. The revised SDP provides specific guidance on using a sample to estimate damages and outlines certain minimum requirements including the review objective, population of claims, sources of data, personnel qualifications for individuals conducting the review, and characteristics measured (e.g., criteria used to define a claim as proper or improper).

For repayments based on sampling, the OIG reports an expectation that a minimum of 100 items be reviewed and the disclosing party use the mean point estimate for damage calculations. However, the OIG comments that smaller sample sizes (still closer to 100) may be acceptable where there is a high level of homogeneity, whereas larger sample sizes may be necessary in a highly diverse population. Notably, the revised SDP no longer requires a minimum precision or confidence level for the statistical review of claims.

Disclosures Involving Excluded Persons

In this update, the OIG sets forth additional information required when disclosing conduct involving excluded persons, including: specific information identifying the excluded individual, details regarding the excluded individual's employment or contractual relationship, a description of the screening process, and any corrective actions implemented to prevent future hiring of excluded individuals. The OIG also now requires the disclosing party to rescreen "all current employees and contractors" prior to a submission so that all potentially excluded individuals are identified in one disclosure.

When determining damages for an excluded individual who was a direct provider of services, the OIG requires that the disclosure include "total amounts claimed and paid by the Federal health care programs" for items and services "furnished, ordered, or prescribed" by an excluded individual. In a situation where the excluded individual provides services that are not separately billed (e.g., nursing services), the OIG advises that these calculations should include the party's "total costs of employment or contracting during the exclusion." (Costs of employment are defined to include salary, benefits, and any enumerated indirect costs.) Once the total cost is determined, the OIG instructs that this amount should be multiplied by the provider's applicable federal health care program payor mix for each federal program for the relevant time period.

Disclosures Involving Anti-Kickback Statute and Stark Law

The revised SDP requires that submissions provide certain details concerning the disclosed conduct including, but not limited to, the participants' identities and their relationship to one another, the payment arrangements, and the dates covering the time period of the disclosed conduct. In its updated protocol, the OIG also provides examples of the types of information found to be helpful when assessing past submissions, such as fair market value analyses and commercial reasonableness of suspect arrangements.

When disclosing conduct involving AKS and Stark Law violations, the OIG requires an SDP submission to include the total remuneration at issue in each arrangement even though the disclosing party considers some portion of the remuneration as lawful. Although a disclosing party may advance an argument as to a lawful financial benefit conferred, the OIG acknowledges it will generally calculates settlement amounts based upon a "multiplier of the remuneration conferred by the referral recipient to the individual or entity making the referral." The OIG views this approach as an incentive to encourage disclosure through the SDP process.

Minimum Settlement Amounts

The OIG noted in the revised SDP that its "general practice" is to require damages be calculated, at a minimum, utilizing a multiplier of 1.5 times single damages, defined as the amount paid by the federal health care programs. Consistent with the March 2009 Open Letter, the OIG maintains a minimum settlement threshold of $50,000 for kickback-related submissions to the SDP. The revised SDP now also sets forth a minimum settlement amount of $10,000 for "all other matters accepted into the SDP." According to the OIG, these minimum amounts are based upon the OIG's statutory authority to impose per-transaction and per-claim penalties, respectively.

The OIG advises it will credit refunds made before resolution of an SDP matter when the conduct is related. Of course, the agency cautions that it is not bound by the amount, and even if the methodology used to calculate the repayment is accepted, the disclosing party "should expect to pay a multiplier on the damages under the SDP."


The OIG reiterated it will continue to coordinate with the Department of Justice ("DOJ") in resolving SDP matters. Where the DOJ participates, the matter will be resolved at the DOJ's direction "consistent with its resolution of" [F]alse [C]laims [A]ct cases." Although the OIG maintains it will advocate that the disclosing party receive the benefit of self-disclosure, it acknowledges that the DOJ will dictate the approach when involved. Any disclosures involving criminal conduct will be referred to the DOJ.

Freedom of Information Act

Disclosing parties are reminded that SDP submissions may be subject to disclosure under the Freedom of Information Act, and parties should identify clearly any portion of the submission that may be exempt from disclosure as trade secrets, or as commercial, financial, privileged, or confidential information.

Lawyer Contacts

For further information, please contact your principal Firm representative or one of the lawyers listed below. General email messages may be sent using our "Contact Us" form, which can be found at

Heather M. O'Shea

Stephen G. Sozio

Rebekah N. Plowman

Tina M. Tabacchi

Jones Day publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our "Contact Us" form, which can be found on our web site at The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.