Compliance gaps in due diligence: lessons learned from a $25 million FCA Settlement
In October 2021, Massachusetts Attorney General announced a $25 million settlement with South Bay Mental Health Center, Inc.’s (SBMHC) private equity owner and two former executives. The settlement alleged that false claims were submitted to the Massachusetts Medicaid Program, MassHealth, for services provided to patients by unlicensed, unqualified, and unsupervised staff members across
a number of facilities in Massachusetts. The Massachusetts Attorney General revealed in a press release that the case was handled with “substantial assistance” from both the U.S. Department of Health and Human Services Office of the Inspector General (HHS-OIG) and the US Attorney’s Office for the
District of Massachusetts.
“It has eliminated all of the manual work that we have to do, but it's also given us peace of mind that we're not going to have the government knocking on our door because ProviderTrust is going to make sure that we have all the tools that we need to function and do our job.”
Sr. Compliance Specialist at Dialysis Clinic Inc.
Let's do better together. Explore our employee monitoring solution.
Michael Rosen, Esq.
“I hope that they'll continue to be a client 11 years from now. It'll be one of those stories where we can say they bet on us at a time in which we were trying to get our feet into the market, and we value that. We're going to do everything we can to listen to them and hear how we can make automation and centralization better for them and really achieve that peace of mind that their patients are safe in the hands of their providers.”
WRITTEN BY: PROVIDERTRUST | 10 MIN
South Bay Mental Health Center is a mental health care provider that offers behavioral health care — as well as autism services and substance abuse counseling — to low-income residents in Massachusetts. But in August 2015, a lawsuit was filed by a former SBMHC employee Christine Martino-Fleming in the District Court for the District of Massachusetts. Allegedly, Martino-Fleming brought her concerns about unqualified and unsupervised individuals to her superiors at South Bay Mental Health Center and was soon after terminated from her position. This led her to file her case under the qui tam (whistleblower) provisions of the Massachusetts False Claims Act and the federal False Claims Act. In January 2018, the Massachusetts AG intervened in the lawsuit.
In 2017, Massachusetts AG Maura Healy sued SBMHC for Medicaid fraud. The defendants included private equity firm H.I.G. Growth Partners, LLC, and its subsidiary HIG Capital, LLC, as well as two former executives, Peter J. Scanlon and Kevin P. Sheehan. The Massachusetts AG’s investigation allegedly revealed a pattern within the company of employing unlicensed, unqualified, and unsupervised staff at its mental health centers across 17 locations in multiple Massachusetts counties. The AG’s office also alleged that within the clinics named in the complaint, there were notable gaps in licensing and supervision of therapists.
In fact, many employees at SBMHC did not even have degrees in social work, making them ineligible for the licenses staff were required to have upon hire. At one SBMHC location in Attleboro, MA, of their 125 employees, only two supervisors were licensed and, therefore, could not have properly supervised the other unlicensed staff. By submitting fraudulent claims to MassHealth for services provided by unlicensed, unqualified, and unsupervised staff, SBMHC had violated both the Massachusetts False Claims Act and the federal False Claims act.
Corporate Integrity Agreements (CIAs) are agreements between a healthcare provider and the Department of Health and Human Services (HHS-OIG) that are intended to ensure compliance with federal laws and regulations and to prevent fraud and abuse in government healthcare programs. CIAs have a variety of requirements which may include requiring the company to have an independent review organization that will conduct regular reviews of the provider's billing practices, ensuring proper documentation to support medical necessity or levels of care. Additionally, the company must implement internal controls, such as compliance programs, exclusion monitoring, reporting obligations, as well an annual report that requires senior officials to attest to their role in the oversight and assurance of compliance with laws and regulations.
"In the CIAs we're seeing now in the 2020 generation and above, the compliance officer traditionally has to sign off in addition to the CEO," Rosen said. "I'm not sure that was the case with SBMHC, but arguably, it's a reminder to all compliance officers to never sign off blindly without proper diligence, or otherwise, be at risk for personal liability, which we've seen happen. It's not just the CEO and the board. It's the CEO, board, and compliance officer who could be held personally liable."
To avoid compliance risk in a merger or acquisition and to be certain that no payments are being made to excluded or unlicensed providers, compliance monitoring is a crucial component of due diligence as it relates to CIAs. Ensuring that a compliance program is in place for exclusion monitoring and license verification is an important step in preventing fraud, waste, and abuse in an organization following a merger or acquisiton.
“You’ve got to be poking the bear saying, ‘Who’s doing our verifications? Are we doing this? Are we billing?’ Because now you
and your reputation are at stake. That’s
a big change.”
US Treasury Department and Inspector General Office located in Washington, DC, USA.
“Private equity investment in healthcare shows no signs of slowing down. I don’t
think a case like this is going to turn off private equity investors from the
Chenery echoed this sentiment, saying, “Investors need to think very carefully, particularly where some of these investors may not have much or any experience operating healthcare companies or managing healthcare providers in what is a very highly regulated industry. They need to think carefully, not only about the role that they take in operating the portfolio companies, but also how they describe that role in both internal and external communications. It’s not to say that investors shouldn’t play an active role in the operation of their portfolio companies, they just need to make sure that they’re doing it the right way and that they have adequate compliance functions in place.”
In January 2021, the Massachusetts AG and SMBHC reached a settlement to resolve the allegations. The Court denied attempts by the defendants to dismiss the allegations at the summary judgment stage. Under the terms of the settlement, private equity firm H.I.G. Growth Partners, LLC agreed to pay $19.95 million, while the two executives, Scanlon and Sheehan, agreed to pay the remaining $5.05 million.
"Private equity firms have to take a step back and say, ‘What do I have to do differently? What standard has changed? What’s the expectation? What risks have now been more explicitly put on my plate?’"
This case is noteworthy for a number of reasons. For starters, it is the largest publicly-disclosed government healthcare fraud settlement in the US that involves private equity oversight of unlicensed healthcare providers. Twenty-five million is also the largest amount a private equity firm has had to pay to resolve fraud allegations involving healthcare portfolio companies. The settlement also includes provisions for SBMHC to implement compliance measures to prevent future false claims from being submitted.
Ultimately, this action demonstrates a continuing trend of the Department of Justice and the OIG to include private equity firms in whistleblower False Claims Act investigations. “It’s the first time we’ve really seen a private equity firm that is tagged directly with oversight,” said Michael Rosen, co-founder of ProviderTrust. Private equity firms, which are firms that buy and manage companies, have become the target of more and more False Claims Act investigations due to the potential for fraud and abuse in the companies they acquire and manage.
“If I’m on the board — and certainly from the private equity side of the board — my antennas are up,” added Rosen. “Because these are people who work somewhere else or who are retired, who come in on a quarterly basis, and they need to be asking probing questions of the audit committee. You can’t just show up and say ‘Everything sounds fantastic!’ You’ve got to be poking the bear saying, ‘Who’s doing our verifications? Are we doing this? Are we billing?’ Because now you and your reputation are at stake. That’s a big change.”
The multimillion-dollar settlement with SBMHC is a stark reminder of the importance of compliance with state and federal laws and regulations for private equity investors in healthcare. The inclusion of a five-year Corporate Integrity Agreement (CIA), which will require SBMHC to implement measures to ensure compliance with state and federal laws and regulations, is a key aspect of this reminder.
“In this particular settlement, individuals were personally named,” said Thiel. “That’s scary. As a Compliance Officer it is important to be an active member of the leadership team and engaged with
the board. It is important to protect the company
but also yourself.”
The SBMHC settlement proves that healthcare providers must be diligently monitoring their compliance efforts. Government agencies continue to remain vigilant in their oversight and enforcement efforts to protect the integrity of public programs like Medicaid. The case should serve as a warning to other healthcare providers engaging in fraudulent activities and abuse of government programs that they will be held accountable for their actions. Ultimately, the SBMHC settlement is a positive step forward. It ensures that public trust in government programs like Medicaid is maintained and that the integrity of the healthcare system is protected.
When asked about how this case will affect private equity investors and firms going forward, J. Taylor Chenery, a healthcare law and compliance lawyer at Bass, Berry, & Sims, PLC in Nashville, Tenn., said, “Private equity investment in healthcare shows no signs of slowing down. I don’t think a case like this is going to turn off private equity investors from the healthcare industry, but I think they do need to consider and, frankly, seek experienced legal counsel and consider what their role is going to be in managing their healthcare portfolio companies moving forward.”
Donna Thiel, chief compliance officer at ProviderTrust, added, “Private equity firms have to take a step back and say, ‘What do I have to do differently? What standard has changed? What’s the expectation? What risks have now been more explicitly put on my plate?’”
WHY THIS MATTERS
Webinar recap: 3 compliance monitoring trends impacting healthcare in 2023
Read our interactive guide to selecting a license monitoring solution
Licenses & Credentials
Michael Rosen, Esq. | Co-founder of ProviderTrust
Donna Thiel | Chief Compliance Officer at ProviderTrust
J. Taylor Chenery | Healthcare Law and Compliance Lawyer at Bass, Berry, & Sims, PLC.