Tuomey Settlement Marks New Day for Individual Accountability in Healthcare

We knew this day was coming. The Yates Memo told us so.

But for healthcare, the recent $1 million settlement between the former CEO of Tuomey Healthcare and the Justice Department turned individual accountability from a theory into a high-cost and very public reality. At the center of the settlement were allegations of illegal compensation arrangements between the organization and physicians, and more than 21,000 false Medicare claims–violations of the Stark Law and False Claims Act.

“[The] settlement demonstrates that the Justice Department and its law enforcement partners will hold individual decision makers accountable for their involvement in causing the companies and facilities they run to engage in unlawful activities,” Principal Deputy Assistant Attorney General Benjamin C. Mizer said in a Justice Department news release.

Indeed, it does.

Although there have been other personal liability settlements, none have been at the level of Tuomey. The case demonstrates the kind of regulatory scrutiny not only healthcare organizations–but especially their individual employees–can expect going forward, with similar cases and settlements likely to arise. Here are four lessons healthcare organizations should take away from this settlement:

1. It’s not whether you’ve personally benefited. It’s whether you’re in any way personally responsible for the alleged fraudulent activity.
The buffer between corporations and their individual employees is gone. No longer will regulators hold just individuals who benefited from fraudulent activity accountable. All individuals with oversight of the alleged activity could be assigned blame and restitution.

2. Whistleblowers–and companies themselves–have more reason than ever to disclose fraudulent activity and all individuals involved.
In the past, individuals who suspected inappropriate activity might have stayed quiet to protect their boss. Now, though, those aware of fraudulent activity have more incentive to come forward, because they could be liable if they refrain and the DOJ finds out anyway. Additionally, for corporations to qualify for any cooperation credit under the Yates Memo, they must provide the DOJ all relevant facts about the individuals involved in corporate misconduct– “regardless of position, status or seniority.”

3. Entities should challenge their corporate compliance programs…yesterday. 
Provider contracts will continue to come under scrutiny–especially in light of payment reform. The Tuomey case gives testing corporate compliance programs a real sense of urgency. Entities need to review the effectiveness of their corporate compliance programs: How long, how often and in what capacity are contracts, and billing and coding processes, tested? Is there a process for alerting supervisors and managers to issues of concern, and if so, what is it? Are hotlines in place so employees can communicate concerns before immediately going to a regulator as a whistleblower?

4. Individuals beyond the C-Suite could be held liable too.
In the case of Tuomey it was a C-level executive held accountable. But depending on the type of fraud in question, individuals outside the C-Suite–down to physicians, and billing and coding workers–could be held accountable if regulators can prove intent to defraud Medicare.

Healthcare organizations with compliance questions specific to their organization or facility are invited to reach out to BDO.