Mandatory Exclusion Upheld in the Northern District of California

On October 22, 2013, the Northern District of California granted summary judgment to the federal government, holding that a five-year exclusion from federal health care programs for felony wire fraud conviction was proper. See Harkonen v. Sebelius, 4:13-cv-71 (N.D. Cal. 10/22/13).  

The Harkonen matter involves a physician who was also the CEO of InterMune, Inc., who developed, marketed, and sold a drug, “Actimmune.”  According to the Northern District of California’s opinion, with respect to Actimmune, Dr. Harkonen “intentionally devised a scheme to defraud that included the issuance of a press release containing false statements regarding a clinical study of Actimmune.”  A jury found Dr. Harkonen guilty of felony wire fraud. 

Generally, there are several reasons which result in mandatory exclusion under the exclusion authorities under the Social Security Act, including 42 U.S.C. § 1320a-7(a)(1) program-related crimes; 42 U.S.C. § 1320a-7(a)(2) conviction relating to patient abuse or neglect); 42 U.S.C. § 1320a-7(a)(3) felony conviction relating to health care fraud; and 42 U.S.C. § 1320a-7(a)(4) felony conviction relating to controlled substance. 

As a result of the conviction, Dr. Harkonen was excluded from federal health care programs for a period of five years, pursuant to 42 U.S.C. § 1320a-7(a)(3), which is the result of a conviction for “an offense….in connection with the delivery of a health care item or service…consisting of a felony, relating to fraud, theft, embezzlement, breach of fiduciary responsibility, or other financial misconduct.” 

Procedurally, this matter has been ongoing for a period of time.  The court’s decision came after a jury returned the verdict in September 2009, and Dr. Harkonen was sentenced in April 2011.  Notice of the exclusion came in August 2011.  In October 2011, he requested an Administrative Law Judge review of the exclusion, which he then appealed to the Appellate division of the Departmental Appeals Board, which affirmed the ALJ’s order in November 2012.  Thereafter, the Plaintiff filed suit against Kathleen Sebelius, Secretary of Health and Human Services and the Inspector General of HHS in March 2013.  The Inspector General was subsequently dismissed.  On a separate track, Dr. Harkonen recently petitioned the United States Supreme Court seeking a writ of certiorari regarding his conviction and sentence. 

At the District Court level, Dr. Harkonen made several arguments, and sought summary judgment based on the fact that the agency decision was contrary to law, arbitrary and capricious and unsupported by the evidence, as well as violating his fifth and eighth amendment rights under the Constitution. 

Dr. Harkonen’s primary argument with respect to the exclusion is that the conviction for wire-fraud was not “in connection with the delivery of a health care item or service.” He argued that the “delivery” did not take place because the conviction did not relate to a physician prescribing Actimmune or that a patient had actually used Actimmune.   According to the opinion, Dr. Harkonen argued that “’delivery’ of a drug only occurs at the point when a prescription is filled and paid for, and that because his company merely ‘delivered’ the drug to a middleman (the distributor, he cannot be deemed to have participated in the ‘delivery,’ of the drug or to have made any misrepresentation regarding the drug during its ‘delivery’…”  Dr. Harkonen also argued that the legislative history supported his position that the purpose of the exclusion was not for situations such as his, but rather for offenses that “related to the delivery of health care” and those situations which constitute “stealing from the government.”

After consideration and review of the findings, the Court found that there was substantial evidence in the record to support the finding that Dr. Harkonen’s offense was in connection with the delivery of a health care item or service: 

InterMune disseminated the Press Release to doctors, patients, and pharmacies, and Dr. Harkonen’s ‘scheme to defraud’ extended over a period of time and entailed both the issuance of a Press Release containing false and misleading information about Actimmune, but also the dissemination of the misinformation in the  Press Release to pharmacies that sold ActImmune to patients and doctors. 

With respect to Dr. Harkonen’s argument that the punishment violated the eighth and fifth amendments, the District Court found these to be inapplicable as the mandatory exclusion is a civil penalty, not a criminal punishment.  Moreover, the Court noted that § 1128(a)(3) “gives the Secretary no discretion with regard to the minimum five-year period.  Conviction of a felony involving fraud or other financial misconduct in connection with the delivery of a health care item or service is the triggering event that mandates that the Secretary impose a minimum five year exclusion.  The language—‘the Secretary shall exclude’—is clearly not discretionary.” 

As a result, the Court denied Dr. Harkonen’s motion for summary judgment; but granted Sebelius’ cross-motion for summary judgment.  The Court found that the 5-year exclusionary period is proper as it is mandatory, not discretionary. 

While Dr. Harkonen is just one doctor who was convicted of felony wire fraud, relating to the “delivery of health care” it is a reminder to healthcare professionals of how far-reaching the government’s authority may be.  Here, Dr. Harkonen thought he was just sending press releases out, unrelated to his practice of medicine.  The effect of the exclusion is far greater, impacting the ability for payment by any Federal health care program payments to be made for any items or services furnished by him, or at his medical direction or on his prescription.  The case also raises questions regarding the communications made regarding scientific research and clinical results. 

If you have any questions, or require additional information about this matter, please contact Randy Fearnow at or Jaya White at,  who regularly counsel clients regarding compliance matters, including those involving OIG exclusions.  In addition, if you are a provider facing a potential conviction which may result in a mandatory or a permissive exclusion, our attorneys are also skilled in handling the defense of such matters. 

Creating Access to Rehabilitation for Every Senior (CARES) Act of 2013

The Creating Access to Rehabilitation for Every Senior (CARES) Act of 2013 was introduced on November 19, 2013 and would eliminate the 3-day prior hospitalization requirement for Medicare coverage of skilled nursing facility services in qualified skilled nursing facilities.  A qualified skilled nursing facility is defined as (i) a facility that based upon the most recent ratings in the Medicare Nursing Home Compare program, has an overall rating of 3 or more stars or a score of 4 stars or higher on the individual quality domain or on the staffing quality domain; and (ii) is not subject to a quality-of-care corporate integrity agreement that is in effect with the Inspector General of the Department of Health and Human Services and that requires the facility to retain an independent quality monitor.  To read the entire act, click here.

For questions, please contact Lori McLaughlin

Minnesota Health System Employee Improperly Accessed Patient Information

In October 2013, Alina Health in Minnesota notified almost 4,000 patients (3,807) of a privacy breach by a medical assistant employee who improperly accessed protected health information (PHI) and other personal information.   Upon discovery of this unauthorized access, Alina Health conducted an investigation in September 2013, which confirmed that the employee had improperly accessed patient information as early as February 2010.  The employee was terminated as a result of this incident.     

The patients were notified by mail, and notice was also available on the Alina Health website. 

As we have discussed in prior publications, part of a robust HIPAA privacy and security policy is to implement several compliance features, including monitoring, audit, workforce training, and sanctions and termination.  

The Alina Health matter is a good reminder to all HIPAA covered entities to review their policies and ensure that compliance with the policies and procedures is being followed.  Some questions come to mind based on this incident, such as the following:

·         Do you know which positions have access to PHI? For example, have you created a minimum necessary database, listing which positions have access to PHI, and how much information (e.g., just the billing information)?

·         Are employees accessing PHI for reasons other than on a “need to know” basis? 

·         Has the Privacy/Security Officer monitored the implementation of the policy to ensure compliance? 

·         What is your sanctions policy for an unauthorized access of PHI? 

·         Does your policy include a method to ensure the security of PHI such that when a person is terminated he or she no longer has electronic access to any information?   

These are just some of the questions that are raised from this incident.  If you have any questions regarding the privacy incident at Alina Health or implementing HIPAA privacy and security policies, please contact attorneys Susan Ziel, or Jaya White

Palmetto GBA announce their intent to focus on certain hospice claims for patients located in Skilled Nursing Facilities (“SNFs”)

On October 29, Palmetto GBA announced their intent to focus on certain hospice claims for patients located in Skilled Nursing Facilities (“SNFs”).  Palmetto GBA announced that it has identified top providers with a large number of beneficiaries receiving hospice services in SNFs, and it intends to initiate a pre-payment, service-specific investigation of claims for beneficiaries with non-cancer diagnoses.  While the claims timeframe is unknown, the investigation will be initiated in Jurisdiction 11, which covers home health and hospice services in Alabama, Arkansas, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Mississippi, New Mexico, North Carolina, Ohio, Oklahoma, Tennessee and Texas.  Once complete, review results will be posted on the Palmetto GBA website and individual providers may be contacted for one-on-one education.

SNF’s may want to review their residents receiving hospice services to identify those with non-cancer diagnoses and ensure the medical records contain sufficient documentation to demonstrate the illness is terminal and progressing in a manner that a physician would reasonably have concluded that the beneficiary’s life expectancy is six months or less. Documentation is especially important for residents that remain on the hospice benefit for an extended length of time in order to demonstrate why hospice services are appropriate.

Providers who receive an Additional Documentation Request (ADR) must submit the requested medical record information within 30 days to Palmetto.  When the claim is finalized, the claim will have paid in full or part, or denied. If you disagree with the decision, you may request a redetermination within 120 days of the determination (date on the remittance advice). Completed review results will be posted to the Palmetto GBA website.

A SNF’s corporate compliance officer may want to designate a team to evaluate whether or not this hospice issue applies to them and if so, designate resources to proactively assess the situation.  Please contact any Krieg DeVault health care attorney to assist you with any questions you might have.

A copy of the notice can be found here.

For questions, please contact Lori McLaughlin

Nursing Home Operator Agrees to Pay $48 million

In early October 2013, a nursing home operator in southern California entered into a settlement agreement to pay $48 million to resolve two whistleblower lawsuits filed against it by former employees of the company. These two lawsuits, United States ex rel. Patterson v. Ensign Grp., Inc., C.D. Cal., No. 06-cv-6956, unsealed 11/18/13 and United States ex rel. Sanchez v. Ensign Grp., Inc., C.D. Cal., No. 06-cv-643, unsealed 11/18/13, alleged that from January 1999 through August 2011, six nursing facilities operated by the California-based Ensign Group (1) submitted false claims to the federal Medicare program for physical, occupation, and speech therapy services to beneficiaries that were not medically necessary and (2) allegedly submitted claims for services that were not provided. The full settlement agreement can be found here.

For questions, please contact Laura MacDonald

Seventh Circuit Court of Appeals Blocks Contraceptive Mandate

In the broadest ruling so far by a federal appeals court barring enforcement of the so-called contraceptive mandate in the new federal health care law, a divided Seventh Circuit Court panel decided on November 8, 2013 to block the mandate that requires companies to provide contraceptive coverage in group health-care plans for employees. The mandate applies to companies that provide their employees with health insurance under group plans.  While the law and government regulations provide some exemptions from the mandate for churches and other strictly religious entities, there are no exemptions for profit-making businesses. The plaintiffs sued the federal government in 2012, arguing that it placed a burden on their practice of religion in violation of the federal Religious Freedom Restoration Act and the free-exercise and free-speech clauses of the First Amendment. The Justice Department, which is charged with defending the mandate in court, has argued that for-profit companies have no religious rights.

The 2-1 decision ruled on behalf of two closely held profit-making companies and their Roman Catholic owners, who claimed the mandate violated their rights under the Religious Freedom Restoration Act. This decision is the first to issue a preliminary injunction barring enforcement of the measure. The Seventh Circuit's ruling contrasts with the decision earlier this month by the U.S. Court of Appeals for the D.C. Circuit, which held there was "no basis for concluding a secular organization can exercise religion." Still, the D.C. court said the owners of produce-distribution companies in Ohio could challenge the mandate as a burden on their own beliefs. 

The full decision, 64 pages in the majority ruling, 90 pages in the dissent, can be found here.

For questions, please contact Laura MacDonald at

HHS Guidance that QHPs are not Federal Health Care Programs

In response to a letter from U.S. House Rep. McDermott, the Department of Health and Human Services (“HHS”) issued guidance (“Guidance”), on October 30, 2013, on the question of whether qualified health plans (“QHPs”) are considered federal health care programs for purposes of §1128B of the Social Security Act (“the Act”).

HHS stated that it does not consider QHPs, other programs related to the Federally-facilitated Marketplace, and other programs under Title I of the Affordable Care Act to be federal health care programs within the §1128B definition.   HHS confirmed that this includes State-based and Federally-Facilitated Marketplaces (“Marketplace”); cost-sharing reductions and advance payments of premium tax credits; Navigators and other federally funded consumer assistance programs; consumer-oriented and operated health insurance plans; and the risk adjustment, reinsurance, and risk corridors programs.   

Because QHPs are not considered Federal Health Care Programs under §1128B, they are not subject to the Anti-Kickback Statute (“AKS”). The AKS makes it a criminal offense to knowingly and willfully solicit, receive, offer, or pay, any remuneration to reward or induce referrals of items or services reimbursable by a federal health care program.[1]  The effect of this guidance seemed to be that hospitals and health providers may be able to subsidize premiums for patients that purchased QHP coverage on the Marketplace.  However, on November 4, 2013, HHS published a Q&A (“Q&A”) that cautions against any third party paying the premiums for QHPs purchased through the Marketplace. HHS states that it has “significant concerns with this practice because it could skew the insurance risk pool and create an unlevel field in the Marketplaces.”  HHS continues on in the Q&A to state that it discourages such practice and encourages issuers to reject third party payments. In addition, HHS will be monitoring any third party payments and plans to take necessary action to discourage such payments.  Therefore, as a result of Q&A, hospitals and health care providers will be closely monitored to ensure they are not subsidizing premiums for QHPs purchased through the Marketplace.

For questions please contact Kristen Gentry at or Meghan Linvill McNab at

[1] Social Security Act §1128B(b)(1) and (2).

Program Exclusion Verification Databases and FACIS Searches for Health Care Providers

Health care providers and contracting entities (“Providers”) have an affirmative duty to check the status of individuals and entities they hire or contract with to ensure they have not been excluded from participation in Medicare, Medicaid, or other Federal health care-related programs because of prior engagement in fraud or abuse.  Providers should perform these verifications prior to entering into, and periodically throughout the duration of, employment or other contractual relationships.[1]  If a health care provider or contracting entity fails to check an individual or entity’s Federal health care program exclusion status, it runs the risk of incurring Civil Money Penalty (“CMP”) liability.[2]  To avoid such liability, Providers should, at a minimum, review the System for Award Management (“SAM”) and the Office of Inspector General (“OIG”) List of Excluded Individuals/Entities (“LEIE”).[3]  In addition, Fraud and Abuse Control Information Systems (“FACIS”) searches provide a means of obtaining information regarding adverse actions taken against individuals and entities in the healthcare field.  Some sources for verifying whether individuals or entities have been excluded from participation in Medicare, Medicaid, or other Federal health care-related programs or whether adverse actions have been taken against individuals and entities in the healthcare field are summarized below.

The System for Award Management (“SAM”) is the official database operated by the United States Government that contains information regarding debarment actions taken by OIG[4] and various other Federal agencies, whereas the LEIE (discussed below) lists only exclusion actions taken by OIG.[5]  Providers may access SAM by clicking here and registering for a free user account.  SAM recently replaced the General Services Administration’s (the “GSA’s”) Excluded Parties List System (“EPLS”).  The GSA continues to administer SAM.  

The OIG List of Excluded Individuals/Entities (“LEIE”) contains information regarding individuals and entities that are excluded by OIG from participation in Medicare, Medicaid, and all Federal health care programs. The LEIE lists only those parties that have been excluded from participation by OIG.  No other exclusion authority is reflected on the LEIE. This is different from the content of SAM, which reflects OIG exclusions and debarment actions taken by Federal government agencies.  The LEIE is located at

Although SAM provides a more comprehensive listing of debarment actions and includes actions also reported in the LEIE, a provider should check both SAM and LEIE, as the LEIE is the primary source of information regarding OIG exclusions, it is maintained by OIG, and it provides more details about persons excluded by OIG than SAM does.[6]

FACIS is a database containing information regarding adverse actions taken against individuals and entities in the healthcare field.  There are three (3) levels of FACIS Reports, each providing a different degree of information.  Several healthcare background check providers provide all three (3) levels of FACIS checks.  

A Level 1 FACIS searches for enforcement actions taken by OIG, GSA, and other federal agencies. It complies with the federal government’s minimum requirements in OIG’s Compliance Program Guidance for Nursing Homes[7], Hospitals[8], and Individual and Small Group Physician Practices[9], as it checks both SAM and the LEIE.

A Level 2 FACIS search includes the federal agencies search in Level 1 FACIS, and adds a search of state agencies for one State of choice.

A Level 3 FACIS check is the most comprehensive level.  It encompasses a Level 1 FACIS search and adds adverse action information from state agencies and licensing and certification agencies in all 50 states.  It exceeds the minimum federal requirements and offers maximum coverage for risk compliance. 

For further questions on program exclusion verifications or SAM, OIG and/or FACIS searches, please contact Carrie Flores at or Meghan Linvill McNab at

[1] Office of Inspector General, Special Advisory Bulletin: The Effect of Exclusion from Participation in Federal Health Care Programs (Sept. 1999).
[2] Id.
[3] Office of Inspector General Updated Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs at 15 (May 8, 2013).
[5] Office of Inspector General Updated Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs at 17 (May 8, 2013).
[6] Id.
[7] 73 Fed. Reg. 56832, 56840 (Sept. 30, 2008) Available at
[8] 70 Fed. Reg. 4858, 4876 (Jan. 31, 2005), Available at
[9] 65 Fed. Reg. 59434, 59442 (Oct. 5, 2000), Available at