The New OIG “Responsible Corporate Officer Doctrine”

Thomas Herrmann | January 2011

The DHHS Office of Inspector General (“OIG”) has raised the stakes for health care executives whose companies become involved in a Federal Government fraud case. The OIG recently signaled a new commitment to holding health care company owners, officers, and managing employees accountable for corporate misconduct under its new Responsible Corporate Officer Doctrine.

The OIG announced the enhanced use of its program exclusion authority against owners, officers, and managing employees of companies that are subject to criminal or administrative sanctions. Accordingly, health care company executives need to be cognizant of their increased personal exposure to OIG administrative sanctions, and exercise due diligence and vigilance in performing their corporate responsibilities and duties.

Legal Background

Under the Social Security Act (“SSA”), the Secretary of DHHS has the authority to exclude or bar certain individuals and entities who have engaged in wrongdoing from participating in Federal health care programs, such as Medicare and Medicaid. This exclusion authority has been delegated to the OIG. Each year, the OIG has excluded an ever increasing number of individuals and entities from program exclusion. In Fiscal Year 2010, the OIG excluded 3,340 individuals and entities from program exclusion. [1]

Section 1128 of the SSA specifies the types of misconduct that may serve as the basis for either a “mandatory” or “discretionary” exclusion from Federal health care program participation. [2] When an individual or entity is excluded from Federal health care program participation, the programs are precluded from paying for any medical items or services furnished, ordered, or prescribed by the excluded person or company.

Further, to the extent that claims are submitted for items or services furnished, ordered, or prescribed by an excluded individual, the submitting individual or entity may be subject to OIG imposition of civil money penalties. [3]

Over the years, Congress has amended and broadened the program exclusion authority delegated to the OIG. In the Deficit Reduction Act of 1984 (Pub. L. 98-369), Congress recognized the need to provide DHHS with the discretionary authority to exclude from Medicare and Medicaid an entity in which either (1) a person with direct or indirect ownership interest of five percent or more, or (2) a director or managing employee, was convicted of a crime related to Medicare or Medicaid.

The Medicare and Medicaid Patient and Program Act of 1987 (Pub. L. 100-93) further expanded the DHHS exclusion authority to apply to an individual with ownership, management, or other substantial relationship who was convicted of a program-related crime, or alternatively, was subject to civil money penalties (imposed by the OIG under section 1128A of the Social Security Act), or exclusion from program participation (under section 1128 of the Act). [4]

And finally, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)(Pub. L. 104-191) provided DHHS with the discretionary authority to exclude an individual who:

  • Has ownership or control interest in a sanctioned entity and who knew or should have know about the underlying actions that were the basis for the entity’s sanction, or
  • Is an officer or managing employee in a sanctioned entity. [5]

The law specified that, in the case of an owner or investor, to support that individual’s program exclusion, the OIG must demonstrate that the individual either knew of the improper conduct, or acted in “deliberate ignorance” or “reckless disregard of the truth or falsity of . . . [certain] information.” [6]  However, with respect to an officer or managing employee, the OIG need not establish any level of knowledge in order to sustain an exclusion.

An officer or managing employee of a health care company, by virtue of his/her corporate responsibilities, was deemed by Congress to have the requisite knowledge of a company’s wrongdoing, thereby justifying the program exclusion of the individual. The House/Senate Conference Report explained the new Section 1128(b)(15) exclusion authority as follows:

“Under this provision an individual who has a direct or indirect ownership or control interest in a sanctioned entity and who knows or should know of the action constituting the basis for the conviction or exclusion, or who is an officer or managing employee of such entity, may be excluded if the entity has been convicted or excluded from program participation. The culpable individual would also be subject to program exclusion even if not initially convicted or excluded.” [7]

With the enactment of these two permissive exclusion authorities, i.e., section 1128(b)(8) and (b)(15) of the SSA, the OIG was provided the discretionary ability to exclude both culpable companies and related individuals from participation in Federal health care programs.

OIG’s Implementation of Section 1128(b)(15) of the SSA

In the 15 years since HIPAA’s enactment, there have been few instances of the OIG excluding from Federal health care program participation an individual who was an owner, officer, or managing employee in a sanctioned company. To date, a total of 32 exclusions have been imposed under section 1128(b)(15) of the SSA. [8]

Generally, these sanctions have been directed against principals in small health care companies, such as pharmacies and durable medical equipment companies. However, the OIG recently announced a new focus on holding owners, officers, and managing employees personally accountable for corporate wrongdoing.

On October 20, 2010, the OIG published guidance regarding its future imposition of permissive exclusions under section 1128(b)(15) of the Act, [9] and set forth the criteria and factors that will be considered in making a determination regarding the program exclusion of a health care company’s owner, officer, or managing employee.

The OIG announced that it has the authority to exclude the owner of a sanctioned entity if he/she knew or should have known of the conduct constituting the basis of the sanction The OIG stated that “if the evidence supports a finding that an owner knew or should have known of the conduct, OIG will operate with a presumption in favor of exclusion, [which] may be overcome when the OIG finds that significant factors weigh against exclusion.”

This suggests that where evidence exists of an owner’s knowledge of wrongdoing by a company, there will be an OIG predisposition to exclude the individual unless there are mitigating factors. Thus, it is likely that, in the future, company owners will be subject to program exclusion where the evidence demonstrates that they knew, or should have known, of a sanctioned company’s misconduct.

The OIG also made it clear that, with respect to officers and managing employees, the statute does not require knowledge in order to exclude such individuals.  In such instances, the “OIG has the authority to exclude every officer and managing employee of a sanctioned entity.” [10]

The OIG stated further, that while it does not plan on excluding all officers and managing employees, “when there is evidence that an officer or managing employee knew or should have known of the conduct [resulting in a company’s sanctions], OIG will operate with a presumption in favor of exclusion.” It noted however, that as with corporate owners, “the presumption may be overcome when OIG finds that significant factors weigh against exclusion.” [11]

The OIG advised that it was publishing these factors to promote several objectives:

  • Allow for the development of effective investigations and investigative plans by OIG and its law enforcement partners;
  • Establish and publicize a framework that will serve as the basis for OIG’s permissive exclusions;
  • Allow for the appropriate allocation of OIG resources to actions that have the most remedial and deterrent effect; and
  • Positively influence individuals’ future behavior and hospital corporate compliance with Federal health care program requirements by holding individuals accountable for misconduct within entitles in which they are in positions of authority. [12]

The factors that the OIG will consider in deciding whether to exercise its discretion to exclude an officer or managing employee under section 1128(b)(15) of the SSA are the following:

  • The circumstances of the misconduct and seriousness of the offense;
  • The individual’s role in the sanctioned entity;
  • The individual’s actions in response to the entity’s misconduct;
  • Information about the entity, such as whether the entity was previously convicted of a crime or found liable, or resolved civil or administrative charges with a Federal or State enforcement authority, and the size and structure of the entity and its subsidiaries. [13]

Information obtained regarding these specified factors will be evaluated by the OIG to determine whether it should use its discretionary authority to exclude officers and managing employees of sanctioned entities.

The Guidance notes that they “are internal agency guidelines,” and “are not intended to limit OIG’s discretionary authority to exclude individuals and entities that pose a risk to Medicare and other Federal health care programs or program beneficiaries, nor do they create any rights or privileges in favor of any party.” [14]

Recent OIG Exclusion Action

Shortly after publication of the “Guidance for Implementing Permissive Exclusions Under Section 1128(b)(15)” of the SSA, the OIG announced the program exclusion of a major owner and officer of a pharmaceutical company.

On October 29, 2010, Marc Samuel Hermelin was excluded from participation in Federal health care programs under section 1128(b)(15) of the Act.  Hermelin had previously served as Chairman of the Board of the K-V Pharmaceutical Company (“K-V”), and also was a major shareholder.

Mr. Hermlin’s exclusion was based on the guilty plea to criminal charges by the Ethex Corporation, a wholly owned subsidiary of K-V. The OIG’s exclusion letter to Mr. Hermelin noted that a court had ordered “Ethex to pay restitution of approximately $2.3 million.” It was also reported that Ethex had paid a $23.4 million criminal fine related to the manufacture of oversized drug tablets. [15]

A separate Settlement Agreement between the OIG, K-V, and Mr. Hermelin was also executed on November 15, 2010.  The Agreement stated that the Ethex Corporation’s guilty plea constituted the basis for Mr. Hermelin’s exclusion under section 1128(b)(15)of the SSA. The Agreement also specified that Mr. Hermelin would withdraw from Company management and divest his ownership interest in K-V.

Finally, the Agreement provided that, if K-V or Mr, Hermelin failed to comply with the terms governing his withdrawal from Company ownership and management, the OIG could exclude K-V under section 1128(b)(8) of the SSA based on Mr. Hermelin’s prior exclusion under section 1128(b)(15) of the SSA.

On November 17, 2010, K-V issued a press release advising of Mr. Hermelin’s resignation from the Company’s Board of Directors and divestiture of personal ownership interest in the Company. KV reported that this action had been taken “to avoid the adverse consequences to the Company, including a discretionary exclusion of the Company” under section 1128(b)(8) of the SSA, and noted  execution of the separate Settlement Agreement between the Company, Mr. Hermelin and his wife, and the OIG. KV represented:

“As long as the parties comply with the Settlement Agreement, HHS OIG will not exercise its discretionary authority to exclude the Company from participation in federal health care programs, thereby allowing the Company and its subsidiaries (with the single exception of ETHEX Corporation) to continue to conduct business through all Federal and state health care programs.”

An OIG representative stated that “this is the first time that an executive of a pharmaceutical firm has been excluded under [the section 1128(b)(15)] authority.” It was also noted that the OIG has decided to “implement [this exclusion authority] more vigorously than in previous years.” [16]

Further, an OIG official advised that this case represents the first instance of coupling the enforcement of the exclusion authorities under sections 1128(b)(8) and 1128(b)(15) of the SSA against a company, and its owner, officer, and/or managing employee.

Future Direction

The OIG’s new commitment to enhancing its enforcement and imposing sanctions against corporate executives and managers was first announced by Inspector General Daniel Levinson in April 2010. In his keynote address at the Annual Compliance Institute of the Health Care Compliance Association (“HCCA”), the Inspector General highlighted the responsible corporate officer doctrine, and proclaimed that “the OIG is focused on holding responsible corporate officials accountable for health care fraud.” [17]

He referenced the U.S. Supreme Court decision in United States v. Park, in explaining the doctrine:

“Liability as a responsible corporate officer does not turn upon a corporate officer’s approval of wrongdoing, but rather on whether the officer had, by reason of his or her position in the corporation, responsibility and authority either to prevent, or promptly correct, the violation at issue, and the officer failed to do so.” [18]

Levinson also noted the OIG’s recent exclusion of the chairman of a nursing home chain due to his responsibility for the provision of substandard care to residents at various facilities, including the failure to protect them from accidents, neglect, and abuse.

On September 14, 2010, the Chairman and Ranking Member of the House Ways and Means Subcommittee, in response to OIG recommendations, introduced a bill to further expand the section 1128(b)(15) exclusion authority.

The Strengthening Medicare Anti-Fraud Measures Act of 2010 (H.R. 6130) was described as addressing two gaps that currently exist in the OIG’s section 1128(b)(15) exclusion authority.  The bill would extend the authority to reach:

  • Affiliated entities, including those affiliated with the sanctioned entity at the time the misconduct took place, and owners, officers, and managing employees of those affiliated entities, and
  • Owners, officers, and managing employees of sanctioned and affiliated entities who subsequently leave those entities but were associated with them at the time the misconduct took place. [19]

The House of Representatives passed H.R. 6130 on September 22, 2010, and the bill is currently awaiting action by the U.S. Senate.


Compliance Officers need to ensure that their executive leadership is briefed on the significance of the OIG’s responsible corporate officer/managing employee doctrine.  These individuals need to understand their potential exposure for corporate misconduct, and that corporate status will no longer insulate them from personal liability for company misconduct related to the furnishing of health care items or services, and participation in Federal health care programs.

It must be made clear that they need to take seriously the implications of the OIG’s recent enforcement actions.  The OIG’s effectuation of the responsible corporate officer/managing employee doctrine will undoubtedly become more pronounced and frequent in the future.  Accordingly, health care executives must exercise their fiduciary duties and job responsibilities in a trustworthy and diligent manner.

About the Author

Thomas Herrmann advises health care clients on compliance and regulatory matters, with a focus on development and management of effective health care compliance programs. Mr. Herrmann is a recognized expert on issues related to the federal Anti-Kickback Statute, Stark Law and the False Claims Act.