Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims
Tuesday, November 1, 2022 Modernizing
Medicine Inc. (ModMed), an electronic health record (EHR) technology
vendor located in Boca Raton, Florida, has agreed to pay $45 million to
resolve allegations that it violated the False Claims Act (FCA) by
accepting and providing unlawful remuneration in exchange for referrals
and by causing its users to report inaccurate information in connection
with claims for federal incentive payments.
The Anti-Kickback Statute prohibits anyone from offering or paying,
directly or indirectly, any remuneration — which includes money or any
other thing of value — to induce referrals of items or services covered
by Medicare, Medicaid and other federally funded programs. In a
complaint filed in conjunction with today’s settlement, the United
States alleged that ModMed violated the FCA and the Anti-Kickback
Statute through three marketing programs: First, ModMed solicited and
received kickbacks from Miraca Life Sciences Inc. (Miraca) in exchange
for recommending and arranging for ModMed’s users to utilize Miraca’s
pathology lab services. Second, ModMed conspired with Miraca to
improperly donate ModMed’s EHR to health care providers in an effort to
increase lab orders to Miraca and simultaneously add customers to
ModMed’s user base. Third, ModMed paid kickbacks to its current health
care provider customers and to other influential sources in the
healthcare industry to recommend ModMed’s EHR and refer potential
customers to ModMed.
“Electronic health records serve a critical role in informing
physician decision making, and it is therefore essential that health
care providers select such technology free from the influence of
improper financial inducements,” said Principal Deputy Assistant
Attorney General Brian M. Boynton, head of the Department of Justice’s
Civil Division. “Vendors of electronic health records will be held to
the same standards of compliance that we expect of everyone who provides
health care services.”
“Today’s settlement marks the fourth resolution that our office has
achieved as we seek to root out fraud in the electronic health record
technology field,” said U.S. Attorney Nikolas P. Kerest for the District
of Vermont. “It is imperative that medical providers be able to trust
the health record systems with which they document important and
sensitive patient information, and for too long electronic health record
vendors have prioritized only sales. The government alleges that for
years, ModMed, through a variety of schemes, engaged in illegal
kickbacks that distorted both the EMR and pathology lab markets, in
addition to providing its users with a deficient product. This
resolution reflects the seriousness of the government’s allegations and
the determination of the Department of Justice to restore integrity to
the electronic health record field.”
As a result of this conduct, the government alleges that ModMed
improperly generated sales for itself and for Miraca, while causing
health care providers to submit false claims for reimbursement to the
federal government for pathology services, and for incentive payments
from the Department of Health and Human Services (HHS) for the adoption
and “meaningful use” of ModMed’s EHR technology.
In January 2019, Miraca (now known as Inform Diagnostics) agreed to
pay $63.5 million to resolve allegations that it violated the
Anti-Kickback Statute and the Stark Law by providing to referring
physicians subsidies for EHR systems and free or discounted technology
consulting services. 2019 Press Release.
Additionally, under HHS’ EHR Incentive Programs, HHS offered
incentive payments to health care providers that adopted certified EHR
technology and met certain requirements relating to their “meaningful
use” of that technology. Eligibility for incentive payments required
health care providers to use certified EHR technology that, among other
things, utilized certain standard vocabularies for drugs (RxNorm) and
clinical terminology (SNOMED CT) in order to conduct certain
transactions. The government’s complaint in intervention alleges that
ModMed knew that its EHR did not always allow physician users to
electronically record medical records using the required standard
vocabularies, thereby causing certain of its users to submit false
claims for incentive payments under that program.
The settlement with ModMed resolves, in part, allegations in a
lawsuit filed in the District of Vermont by Amanda Long, a former Vice
President of Product Management at ModMed. The lawsuit was filed under
the qui tam, or whistleblower, provisions of the FCA, which
permit private individuals to sue on behalf of the government for false
claims and to share in any recovery. The qui tam case is captioned United States ex rel. Long v. Modernizing Med., Inc.,
No. 2:17-cv-179 (D. Vt.). The Act allows the government to intervene
and take over the action, as it did in this case. As part of today’s
resolution, Ms. Long will receive approximately $9 million.
The resolution obtained in this matter was the result of a
coordinated effort between the Justice Department’s Civil Division,
Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s
Office for the District of Vermont. The FBI and the Department of Health
and Human Services, Office of Counsel to the Inspector General provided
investigative assistance.
The investigation and pursuit of this matter illustrate the
government’s emphasis on combating health care fraud, including in the
healthcare technology arena. One of the most powerful tools in this
effort is the FCA. Tips and complaints from all sources about potential
fraud, waste, abuse, and mismanagement, can be reported to the
Department of Health and Human Services at 800-HHS-TIPS (800-447-8477).
Assistant U.S. Attorney Lauren A. Lively for the District of Vermont
and Trial Attorneys Kelley Hauser and Sarah Hill of the Civil Division’s
Commercial Litigation Branch, Fraud Section handled this matter.
| Must a covered entity inform individuals in advance of any fees that may be charged when the individuals request a copy of their PHI? This guidance remains in effect only to the extent that it is consistent with the court’s order in Ciox Health, LLC v. Azar, No. 18-cv-0040 (D.D.C. January 23, 2020), which may be found at https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2018cv0040-51. More information about the order is available at https://www.hhs.gov/hipaa/court-order-right-of-access/index.html. Any provision within this guidance that has been vacated by the Ciox Health decision is rescinded. Yes. When an individual requests access to her PHI and the covered entity intends to charge the ...read more |
| Issued by: Office for Civil Rights (OCR) What if a HIPAA covered entity (or business associate) uses a CSP to maintain ePHI without first executing a business associate agreement with that CSP? Answer: If a covered entity (or business associate) uses a CSP to maintain (e.g., to process or store) electronic protected health information (ePHI) without entering into a BAA with the CSP, the covered entity (or business associate) is in violation of the HIPAA Rules. 45 C.F.R §§164.308(b)(1) and §164.502(e). OCR has entered into a resolution agreement and corrective action plan with a covered entity that OCR determined ...read more |
| Direct Liability of Business Associates In 2009, Congress enacted the Health Information Technology for Economic and Clinical Health (HITECH) Act,1 making business associates of covered entities directly liable for compliance with certain requirements of the HIPAA Rules. Consistent with the HITECH Act, the HHS Office for Civil Rights (OCR) issued a final rule in 2013 to modify the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules.2 Among other things, the final rule identifies provisions of the HIPAA Rules that apply directly to business associates and for which business associates are directly liable.3 As set forth in the HITECH ...read more |
| Outpatient Surgical Facility Corrects Privacy Procedure in Research Recruitment Covered Entity: Outpatient Facility Issue: Impermissible Uses and Disclosures An outpatient surgical facility disclosed a patient's protected health information (PHI) to a research entity for recruitment purposes without the patient's authorization or an Institutional Review Board (IRB) or privacy-board-approved waiver of authorization. The outpatient facility reportedly believed that such disclosures were permitted by the Privacy Rule. OCR provided technical assistance to the covered entity regarding the requirement that covered entities seeking to disclose PHI for research recruitment purposes must obtain either a valid patient authorization or an Institutional Review Board ...read more |
|
August 2025
| Su | Mo | Tu | We | Th | Fr | Sa |
| | | | | 1 | 2 |
| 3 | 4 | 5 | 6 | 7 | 8 | 9 |
| 10 | 11 | 12 | 13 | 14 | 15 | 16 |
| 17 | 18 | 19 | 20 | 21 | 22 | 23 |
| 24 | 25 | 26 | 27 | 28 | 29 | 30 |
| 31 |
Blog Home
Newest Blog Entries
1/21/25 Understanding Business Associate Agreements
11/12/22 Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims
11/12/22 Indian National Charged in $8 Million COVID-19 Relief Fraud Scheme
11/12/22 Former Hospital Employee Pleads Guilty To Criminal HIPPA Charges
11/12/22 Covered entities and those persons rendered accountable by general principles of corporate criminal liability may be prosecuted directly under 42 U.S.C. § 1320d-6
11/12/22 The Delaware Division of Developmental Disabilities Services Data Breach
11/12/22 OCR Settles Three Cases with Dental Practices for Patient Right of Access under HIPAA
11/12/22 HHS Issues Guidance on HIPAA and Audio-Only Telehealth
11/12/22 Five Former Methodist Hospital Employees Charged with HIPAA Violations
11/12/22 May a covered entity use or disclose protected health information for litigation?
11/12/22 When does the Privacy Rule allow covered entities to disclose protected health information to law enforcement officials?
Blog Archives
January 2025 (1)
November 2022 (54)
Blog Labels
ePHI (2)
Telehealth (1)
BAA (4)
EHR Fraud (1)
PPP Fraud (1)
HIPAA (2)
Covered Entity (40)
Data Breach (1)
HIPAA Enforcement (3)
|
