To Self-Disclose, or Not, that is the Question

 In Blog, Healthcare

In September 2010, the Centers for Medicare & Medicaid Services (“CMS”) established the Voluntary Self-Referral Disclosure Protocol (“SRDP”) in response to the Patient Protection and Affordable Care Act (“PPACA”) mandate that a protocol be developed under which physicians and health care providers could resolve actual or potential violations of the Physician Self-Referral law, more commonly known as Stark Law.  Because disclosure under the protocol is voluntary, one of the most challenging questions faced by providers is whether or not to self-disclose misconduct.  This blog provides some guidance on weighing the risks and rewards of self-reporting misconduct.

The Stark Law prohibits a physician from referring Medicare patients to entities for the provision of designated health services (“DHS”) if the physician (or an immediate family member) has a direct or indirect financial relationship with that entity.  In addition, it prohibits the entity from billing and receiving Medicare payments unless an exception applies.  The Stark Law is a strict liability statute, which means proof of specific intent to violate the law is not required.  Penalties for physicians who violate the Stark Law include fines as well as exclusion from participation in the Federal health care programs.

Because disclosure under the protocol is voluntary, one of the most challenging questions faced by providers is whether or not to self-disclose misconduct.

The SRDP is intended to facilitate the resolution of actual or potential violations of the Stark Law.  As a result, the disclosing party should make a submission under the SRDP with the intention of resolving its overpayment liability exposure for the conduct it identified.  Under the SRDP, CMS has the authority to reduce the amounts to which a physician or health care provider has been overpaid due to a Stark Law violation.  While benefits like this and others of the SRDP can be attractive in that they can be a helpful mechanism to mitigate possibly crippling sanctions, it is important for providers to evaluate the benefits and risks described below when deciding whether to self-disclose.


It is obvious that the most recognizable benefit of self-disclosure pursuant to the SRDP is that the provider has the opportunity to resolve the violation and doing so can avoid the risk of investigation and prosecution to the fullest extent of the law.  In addition, the provider has the possibility of paying a reduced monetary amount via a settlement with CMS.  For example, the first reported settlement was by a Massachusetts hospital whereby the hospital agreed to pay $579,000 to resolve violations with respect to Stark liability regarding personal services exceptions for certain medical staff and on-site coverage.  It was reported that the liability for the hospital could have gone as high as $14 million.  Thus, it was a favorable alternative for the hospital to self-disclose and participate in the SRDP program.

Another benefit to self-disclosing pursuant to the SRDP is the suspension of the 60-day reporting rule for overpayment created by PPACA.  Under Section 6402 of PPACA, it requires that overpayments be reported and repaid within 60 days of “identification.”  CMS states that a disclosure under the SRDP suspends the running of the 60-day notice period until the matter is resolved, withdrawn or removed from the SRDP by CMS.


The SRDP requires participants to provide a detailed description of the actual or potential Stark Law violation and requires the provider to submit a financial analysis of any payments due and owed.  The disclosure requires an extensive amount of detail, which requires the provider to devote an extensive amount of time and financial resources to investigating and preparing a disclosure. Furthermore, the provider is required to certify to the truthfulness of the disclosure. While the SRDP requires a comprehensive disclosure and the expense of financial resources from the disclosing party, there are no guarantees as to whether CMS will reduce the amount owed.  In fact, the SRDP has no method or formula that illustrates how CMS reduces fees.  CMS does, however, provide certain factors that it will consider in determining whether to reduce fees, but there is a great deal of uncertainty as to how CMS evaluates each factor.

Along with the uncertainty of whether fees are reduced, it is important to note that submitting the disclosure to CMS is an admission of guilt.  Section 6409(a)(3) of PPACA explicitly states that the SRDP is separate from the advisory opinion process.  As such, a provider cannot use the SRDP process as a means of determining whether a violation under Stark Law exists, nor can a provider simultaneously disclose under the SRDP and request an advisory opinion regarding the same arrangement.

As stated earlier, participation in the SRDP is exclusive to actual or potential violations of the Stark Law.  As a result, a provider should only disclose through the SRDP if there are no other laws that may be implicated.  Unfortunately, there are times when a disclosing party submits through the SRDP for a Stark Law violation and potential liabilities under other federal laws are uncovered.  For example, issues that raise liability risks under Stark Law may also raise liability risks under the Office of Inspector General’s (“OIG”) civil monetary penalty regarding the Anti-Kickback Statute.  CMS states that upon review of a disclosure, it reserves the right to refer matters to the OIG and the Department of Justice (“DOJ”) for resolution of the False Claims Act, civil monetary penalty or other liability.  Accordingly, making a submission of the SRDP could lead to the possibility of further investigation and other penalties.

In sum, it is important for providers to consider the dilemma of self-reporting – whether the benefits outweigh the risks – before submitting a disclosure via the SRDP.  While the SRDP can be attractive with the growing number of settlements along with the increase in Stark Law penalties in recent years, it is imperative for providers to conduct a risk-benefit analysis before making a submission through the SRDP considering the settlement process has been slow, the settlement amounts have varied widely and the provider subjects itself to other potential dangers.

Photo Credit: ID 120443359 © Artur Szczybylo |

Recommended Posts

Leave a Comment