Addressing the Risk of Whistleblowers

The Department of Justice (DOJ) reported that 93 percent of their successful civil false claims court actions relied upon qui tam relators (“whistleblowers”) that brought the case to their attention. Addressing this risk early on is crucial, and having a better understanding of why whistleblowers come forward can help entities in the long run. Specifically, entities should educate themselves on whistleblowers’ motivations and how to channel their concerns through internal reporting mechanisms, rather than going to outside authorities.

Tom Herrmann, JD, while at the Department of Health and Human Services (HHS) Office of Inspector General (OIG), was responsible for coordinating whistleblower cases with the DOJ. Because the False Claims Act (FCA) cases were civil in nature, it was unusual to involve the Federal Bureau of Investigation (FBI). Mr. Herrmann noted that the DOJ would often have the OIG conduct the preliminary investigation on their behalf, after receiving a complaint from a qui tam relator. Therefore, Mr. Herrmann often had the opportunity to review initial complaints and meet with the relator to determine what caused them to report the problem. The qui tam relators cited many reasons for reporting, but only a few qui tam relators indicated that their motivation was the potential monetary reward coming from the case. Instead, the most common reason for whistleblowing was the whistleblowers’ lack of access to a credible internal reporting channel. This revelation was reinforced when investigators indicated that whistleblowers often reported the problem internally first, and moved to report externally when their complaints were not given adequate attention. Other whistleblowers stated that they were motivated by ethical considerations, compelling them to act rather than allow a bad situation to continue.

Steve Forman, CPA, has over 30 years of experience with the OIG, as a compliance officer, and as a health care consultant. He encountered many situations where an internally-reporting employee was the subject of adverse action or reprisal. In some cases, the employee sought legal recourse to protect themselves. Further, some of these same people turned to attorneys who led them to become qui tam relators. Organizations should note that many employees view reporting a problem to the compliance officer as carrying considerable risk for their job security, their reputation with fellow employees, and potential future financial security. While reassurance regarding protection against retaliation is critical, for some that may not be enough.  This is why organizations should offer anonymous internal reporting options.

Carrie Kusserow, MA, CHC, CHPC, CCEP, has overseen many Independent Review Organization (IRO) and Compliance Expert engagements with clients who have signed Corporate Integrity Agreements with the OIG. She noted that in several cases, while evaluating compliance program effectiveness and conducting IRO reviews, her consultants had identified the original whistleblower and learned that those individuals had tried to raise their concerns internally before becoming a qui tam relator through external means. In other cases, the whistleblower reported that they did not trust the hotline or compliance office to protect them against retaliation. The lesson to learn, to avoid external whistleblowing, is that organizations must ensure that internal compliance channels operate credibly and properly. This means taking prompt action to follow up on complaints or allegations of wrongdoing. Organizations should also implement and follow strong policies and procedures to protect individuals that report potential wrongdoing.  Employees must be permitted to report anonymously or be assured that they will be protected under confidentiality laws if they do choose to identify themselves.

Tips for Compliance Officers

1. Ensure that reporting suspected wrongdoing is stressed in the code of conduct, policies, and training;
2. Review and update hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.);
3. Ensure that a 24/7 hotline operates externally;
4. Look to expand and increase compliance communication channels beyond just the hotline;
5. Promote the reporting of wrongdoing (newsletter, intranet, training programs, etc.);
6. Find ways to provide feedback so that employees know that reporting is taken seriously;
7. Consider engaging experts to evaluate compliance communication channels’ effectiveness;
8. Promptly investigate allegations of potential violations of law or regulations;
9. Ensure individuals are trained and competent to conduct prompt investigations;
10. Consider having on call experts in conducting investigations to assist if needed;
11. Promptly disclose relevant matters in all cases where investigation indicates potential violations;
12. Review and update investigation and resolution of allegations related polices/procedures;
13. Take appropriate disciplinary action against identified wrongdoers; and
14. Understand Centers for Medicare & Medicaid Services and OIG self-disclosure protocols to avoid an FCA investigation.

Strategic Management provides many compliance and regulatory services that can help you address the risk of whistleblowers before it becomes a liability to your organization. Visit our website at strategicmanag.wpengine.com to view our services, learn about our Consultants, or contact us directly | (703) 683-9600

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.