Last month, Millennium Health agreed to pay $256 million to settle allegations that the company violated the False Claims Act (FCA) by causing physicians to order medically unnecessary tests and providing physicians with free urine drug test cups – conditioned upon an agreement by the physicians to return urine specimens to Millennium for testing – in violation of the Stark Law and Anti-Kickback Statute.
In a move that follows the tack it has taken with certain pharmaceutical companies, the OIG corporate integrity agreement (CIA) with Millennium requires – as part of putting in place its compliance program – that the company’s Board of Directors retain a compliance expert to evaluate the effectiveness of the company’s compliance program. This is just the latest signal from the OIG that Boards of Directors must be knowledgeable about compliance risks facing their companies and the effectiveness of the programs built to manage those risks.
The OIG’s requirement that the Millennium Board of Directors engage a compliance expert to assist it in the evaluation of the effectiveness of the company’s compliance program not only follows pharmaceutical company precedent, but also aligns with the requirements of the CIA entered into with another lab company – Quest Diagnostics Incorporated – in 2009.
The language of the Millennium CIA also is consistent with guidance provided to health care entity Boards of Directors earlier this year by the OIG when it stated:
“…a Board can raise its level of substantive expertise with respect to regulatory and compliance matters by adding to the Board, or periodically consulting with, an experienced regulatory, compliance, or legal professional. The presence of a professional with health care compliance expertise on the Board sends a strong message about the organization’s commitment to compliance, provides a valuable resource to other Board members, and helps the Board better fulfill its oversight obligations. Board members are generally entitled to rely on the advice of experts in fulfilling their duties. OIG sometimes requires entities under a CIA to retain an expert in compliance or governance issues to assist the Board in fulfilling its responsibilities under the CIA.”
– Practical Guidance for Health Care Governing Boards on Compliance Oversight (April 20, 2015) (citations omitted).
The Millennium CIA requires that the compliance expert create a work plan for evaluating the effectiveness of the company’s compliance program and prepare a compliance program review report. This report must include (1) a description of the review conducted by the expert and (2) any recommendations for the compliance program. The Board of Directors must consider the report as part of its responsibility to oversee Millennium’s compliance with federal health care program requirements, a responsibility which the CIA expressly places upon the Board.
The CIA also requires that the Millennium Board annually adopt a resolution – signed by each director – summarizing its oversight of the company’s compliance with federal health care program requirements and the terms of the CIA. The resolution must include the following language:
“The Board of Directors has made a reasonable inquiry into the operations of Millennium’s Compliance Program including the performance of the Compliance Officer, the Compliance Committee, and the Chief Clinical Officer. Based on its inquiry and review, the Board has concluded that, to the best of its knowledge, Millennium has implemented an effective Compliance Program to meet Federal health care program requirements and the obligations of the CIA.”
If the Board cannot conclude that Millennium has implemented an effective compliance program, it must explain why and set out the steps the company is taking to do so.
Earlier this year, two other testing laboratories settled allegations that they violated the FCA by paying illegal remuneration to physicians in exchange for patient referrals. Health Diagnostics Laboratory Inc. (HDL) and Singulex Inc. paid $47 million and $1.5 million respectively as part of these settlements. While both companies’ CIAs require their Boards of Directors to adopt a resolution virtually identical to that required by the Millennium CIA, neither require that the Boards retain a compliance expert.
The HDL CIA, while not requiring the engagement of a compliance expert, suggests that the company take this step. The CIA requires that HDL submit to the OIG a description of the documents and other materials it reviewed, as well as any additional steps taken, such as the engagement of an independent advisor or other third-party resources, in its oversight of the compliance program and in support of making the resolution below during each Reporting Period (emphasis added).
The Singulex CIA includes this same provision minus the bolded language.
To effectively oversee a company’s compliance program, a Board must have an understanding of both the risks of noncompliance with federal health care program requirements and the mechanisms to manage those risks. Through the Millennium CIA and other avenues, the OIG continues to express its expectation that Boards draw upon compliance expertise in discharging its oversight duty.