OIG Corporate Integrity Agreements — CIA and IA Considerations

Call Liles Parker Before Entering a CIA or IA with the OIG(Updated December 27, 2020): Inspectors General have a long and storied history in our country. In 1976, almost 200 years after the appointment of the first Inspector General, the Department of Health and Human Services (HHS), Office of Inspector General (OIG) was established. Since that time, the OIG has been at the forefront of our nation’s efforts to fight waste, fraud and abuse in the Medicare, Medicaid and more than 100 other HHS programs. Among its broad program integrity responsibilities, the OIG has the authority to exclude individuals and entities that have committed certain acts from participation in Federal health care programs.  Depending on the specific facts in a case, the OIG may choose to waive its permissive exclusion authority in exchange for the Medicare provider or supplier agreeing to enter into a Corporate Integrity Agreement (CIA) or Integrity Agreement (IA) with the agency.  This article examines a number of the issues you should consider when entering into a CIA or IA.

I.  Overview of the OIG’s Exclusion Authority:

The OIG’s authority to exclude individuals and entities from participating in Federal health care programs is without a doubt, the most severe administrative sanction available to the agency under the Social Security Act.   From a practical standpoint, an OIG exclusion action is essentially the “nuclear bomb” of administrative sanctions. Excluded individuals and entities are barred from participation in all Federal health care benefit programs, and providers that employ or contract with excluded entities risk the imposition of civil monetary penalties (CMPs) and significant overpayment liability. As of November 2020, there are approximately 74,000 individuals and entities listed on the OIG’s “List of Excluded Individuals and Entities” (LEIE). Notably, states also have the administrative authority to bar providers from participating in their State Medical Assistance Programs, but the exclusion authorities exercised by states are beyond the scope of this article.

II.  Differences Between Mandatory and Permissive Exclusion Authorities:

There are two types of OIG Exclusions – Mandatory and Permissive. Mandatory Exclusions are identified in Sections 1128(a)(1) – 1128(a)(4) of the Social Security Act (SSA), and they are imposed as a result of convictions for program fraud, patient abuse, and certain drug offenses. Permissive exclusions, on the other hand, are discretionary and can be imposed for broad range of conduct. These are identified in §1128(b)(1)–§1128(b)(17) and §1156 of the Act.[1]

While the OIG has very little discretion when it comes to the imposition of a mandatory exclusion action, you need to keep in mind that even when faced with a permissive exclusion situation, the OIG presumes that some period of exclusion should be imposed. It is therefore essential that your counsel position your case so that your best arguments to address this rebuttable presumption are presented in a logical, persuasive fashion. One of the primary factors considered by the OIG when deciding whether to exercise its permissive exclusion authority is the future risk to Federal health care programs of allowing the continued participation of an individual or entity.

Should the OIG determine that the agency does not need to exercise its permissive exclusion authority in order to protect Federal health care programs, it will often require that an individual or entity agree to enter into a IA or a CIA, in lieu of exclusion.

III.  The OIG Often Requires a CIA or IA When the Government Settles a False Claims Act Case:

The False Claims Act is the primary civil enforcement tool utilized by the government. During Fiscal Year 2020, the Department of Justice (DOJ) secured more than $3 billion in civil settlements and judgments in connection with cases involving fraud against the government. Notably, $2.6 billion of the $3 billion in recoveries were healthcare related. A False Claims Act settlement will typically give rise to a potential OIG permissive exclusion action under Section 1128(b)(7) of the Social Security Act. When settling a healthcare related False Claims Act case with the DOJ, a defendant will normally seek to have the OIG waive its permissive exclusion authority under Section 1128(b)(7). In exchange for waiving exclusion, the OIG will likely insist that a defendant agree to implement and adhere to the terms of a CIA.

IV.  What is a Corporate Integrity Agreement (CIA) / Integrity Agreement (IA)?

A CIA is essentially a mandatory Compliance Plan that is carefully supervised and monitored by the OIG.[2] The requirement for a CIA is typically part of a larger civil settlement between a health care provider or supplier and the government.  This settlement is effectively a contract between an entity and the government, in the event of a breach the OIG may have one or more remedies that it may pursue.  When dealing with an individual or small practice, the OIG typically enters into an Integrity Agreement (IA) as part of its settlement with a defendant.

Under the terms of a CIA, a health care entity agrees to implement and comply with a variety of reporting requirements, training and auditing / monitoring obligations in exchange for the OIG agreeing not to exercise its permissive exclusion authority.  While each CIA is tailored to account for the specific issue of concern in the underlying settlement, there are a standard set of requirements that are included in most CIAs approved by the OIG.  For example, most CIAs require that a provider establish new policies and procedures to prevent future overpayments, employ compliance staff, conduct worker training, and pay for an Independent Review Organization (IRO) to conduct periodic claims audits.

Usually lasting for up to 5 years, CIAs focus on identifying overpayments and refunding the payor agency in a timely manner. Providers are also typically required to alert the OIG within 30 days of any designated “reportable events” identified in the CIA, including substantial overpayments and the potential violation of criminal / civil laws and administrative requirements.

V.  What is a “Reportable Event”?

Most CIAs require that if a provider identifies a reportable event, it must be disclosed to the OIG within 30 day.  What is a reportable event?  Great question.  As specified in the agreement between the parties, it typically includes:

  • a substantial overpayment;
  • a matter that a reasonable person would consider a potential violation of criminal, civil, or administrative laws applicable to any Federal health care program for which penalties or exclusion may be authorized;
  • the employment of or contracting with an ineligible person (as defined in the CIA); or
  • the filing of a bankruptcy petition.

VI.  What Types of Penalties May be Assessed if an Individual or Entity Fails to Meet its Obligations Under a CIA?

The OIG takes CIAs very seriously.  If you enter into a CIA and fail to comply with your contractual obligations, you should expect the OIG to pursue the maximum penalties allowable under the terms of the agreement.  Remedies available to the OIG include stipulated penalties and exclusion.

(A)  Stipulated Penalties. An integral part of most CIAs / IAs is the requirement that a Medicare provider or supplier agree to stipulate to the assessment of significant monetary penalties should the organization or individual fail to comply with certain obligations set out in the agreement.  It is important to note that stipulated penalties accrue each day that a Medicare provider or supplier is in breach of its contractual obligations with the OIG.  Sample language pulled from a recent CIA is set out below:

A. Stipulated Penalties for Failure to Comply with Certain Obligations

 As a contractual remedy, [Medicare Provider] and OIG hereby agree that failure to comply with certain obligations as set forth in this CIA may lead to the imposition of the following monetary penalties (hereinafter referred to as “Stipulated Penalties”) in accordance with the following provisions.

 1. A Stipulated Penalty of $2,500 (which shall begin to accrue on the day after the date the obligation became due) for each day [Medicare Provider] fails to establish, implement or comply with any of the following obligations as described in Section III:

 a. a Compliance Officer;

b. a Compliance Committee;

c. the Board of Directors compliance obligations;

d. the management certification obligations;

e. written Policies and Procedures;

f. a written process for Certifying Employees to follow for the purpose of completing the certification required by Section III.A.4;

g. training and education of Covered Persons and Board Members;

h. a risk assessment and internal review process;

i. a Disclosure Program;

j. Ineligible Persons screening and removal requirements;[3]

k. notification of Government investigations or legal proceedings;

k. policies and procedures regarding the repayment of Overpayments; and

l. reporting of Reportable Events.”

(B)  Contractually-Based Exclusion from Participation in Federal Health Care ProgramsAs previously discussed, a Medicare provider or supplier often agrees to comply with a variety of requirements set out in a CIA or IA in exchange for the OIG’s waiver of its permissive exclusion authority. Most CIAs and IAs expressly note that in the event of a material breach to the agreement, the parties agree that the OIG has the contractual right to exclude a Medicare provider or supplier from participation in Federal health care programs.  A copy of this sample language is set out below:

Notice of Material Breach and Intent to Exclude. The parties agree that a material breach of this CIA by [Medicare Provider] constitutes an independent basis for [Medicare Provider’s] exclusion from participation in the Federal health care programs. The length of the exclusion shall be in the OIG’s discretion, but not more than five years per material breach. Upon a determination by OIG that [Medicare Provider] have materially breached this CIA and that exclusion is the appropriate remedy, OIG shall notify [Medicare Provider] of: (a) [Medicare Provider’s] material breach; and (b) OIG’s intent to exercise its contractual right to impose exclusion. (This notification shall be referred to as the “Notice of Material Breach and Intent to Exclude.”)” (emphasis added).

(C)  Recent Case Examples Where the OIG has Imposed Stipulated Damages and / or Exercised its Contractual Right to Exclude a Party from Participation. In both of the following cases, the OIG didn’t hesitate to exclude a party that failed to meet its obligations under a CIA or IA:

Case #1:  In this case, a Louisiana home health agency was under an IA with the OIG and failed to turn in its second annual report when it was due.  In response, the OIG sought stipulated damages (as provided for under the agreement) of $280,000 When the home health agency failed to pay the stipulated penalties that had been assessed, the OIG issued a “Notice of Material Breach and Intent to Exclude” the home health agency from participating in Federal health care programs.  The OIG subsequently excluded the agency for five years.

Case #2:  In this case, an Oklahoma prosthetics supplier was under a CIA and failed to repay an overpayment that had been identified by its Independent Review Organization (IRO).  Based on the supplier’s breach of its overpayment repayment obligations, the OIG issued a “Notice of Material Breach and Intent to Exclude” letter to the supplier and subsequently excluded the company for five years.

VII.  Final Thoughts:

It is worth noting that the OIG attorney assigned to negotiate the terms of your CIA or IA will be a different attorney than you or your counsel dealt with at the OIG or DOJ when negotiating an underlying settlement.  It is therefore essential that you engage an experienced health law firm to represent you in the CIA / IA negotiations process and guide you through the implementation, training and reporting process. This can significantly reduce the likelihood of non-compliance, help avoid the imposition of stipulated penalties, and in a worst-case scenario, avert the exclusion of you or your company from participation in Federal health care programs.

NATIONWIDE REPRESENTATION   Call: 1 (800) 475-1906.

Liles Parker attorneys have negotiated numerous favorable settlements in False Claims Act cases, represented providers and suppliers when negotiating the terms of a CIA / IA, and guided clients through the implementation, training and reporting process.  Several of our attorneys held significant positions at DOJ.  In fact, we are the only law firm in the country with two former Federal prosecutors who served as “National Health Care Fraud Coordinator” for the 94 U.S. Attorneys Offices around the country.  We have the skills, knowledge and abilities to help you successfully traverse the complicated CIA process.  Questions?  For a free consultation, please give us a call:  1 (800) 475-1906.


[1] For an up-to-date list of the current Permissive Exclusion Authorities available to the OIG, we recommend you see a recent article, “A Provider’s Guide to OIG Exclusions,” and the accompanying chart prepared by the folks at Exclusion Screening.  www.exclusionscreening.com

[2] With the assistance of an outside Independent Review Organization (IRO).

[3] For additional information in the OIG's increasing efforts to ensure that screening is taking place, see our article on this issue.

Leave a Reply