Health Law Advisor

On July 7, 2025, the Office of Inspector General (“OIG”) for the Department of Health and Human Services published Advisory Opinion 25-08 (“AO 25-08”), an unfavorable and strongly worded opinion interpreting the “arranging for” language in the Anti-Kickback Statute (“AKS”).

The AO involves a proposed arrangement for a medical device company (the “Requestor”) to pay a third-party vendor to access an electronic billing portal operated by the vendor that is used by some of the Requestor’s customers for certain billing operations. In issuing the unfavorable opinion, the OIG said the proposed arrangement “presents anti-competitive risks and risks of inappropriate steering” and characterized the arrangement as being “for the purpose of accessing referrals” from hospital customers that are clients of the vendor.

The Requestor in this AO is a medical device company that supplies "bill-only" products to hospitals. “Bill-only” products are items that are not part of a hospital’s regularly purchased inventory but rather are purchased in real time, such as when a surgeon is selecting the right size or component of a device to use during a surgery. According to the AO, what typically happens with “bill-only” products is that a representative of the medical device company delivers a selection of items to a hospital customer the day before or the day of a patient’s procedure so that the surgeon can select the specific items needed for that specific patient. Some of these “bill-only” items are used in procedures reimbursable by federal health care programs.

On June 30, 2025, the U.S. Department of Justice (“DOJ”), together with the U.S. Department of Health and Human Services Office of Inspector General (“HHS OIG”) and other law enforcement partners, announced the results of the 2025 National Health Care Fraud Takedown—hailed as the largest in history.

This year, DOJ’s Health Care Fraud Unit reported that 324 defendants were charged for their alleged involvement in various health care fraud schemes that involved over $14.6 billion in intended loss—more than doubling the prior record of $6 billion set in 2020 during the first Trump administration. By way of comparison, last year, the 2024 Takedown charged 193 defendants with allegedly committing more than $2.5 billion in fraud. And two years ago, the 2023 Takedown charged 78 defendants with more than $2.5 billion. To say there was a significant increase between the Biden administration and the second Trump administration would be an understatement.  

That this administration would “follow the money” should not come as a surprise. As noted, the prior record was set during President Trump’s first term in 2020. In that Takedown, DOJ and HHS OIG reported 345 defendants allegedly submitted more than $6 billion in false and fraudulent claims to federal health care programs and private payers. The bulk of that 2020 Takedown, $4.5 billion, was related to telehealth.

On June 25, 2025, the Office of the Inspector General (“OIG”) of the U.S. Department of Health and Human Services (“HHS”) released a short video containing the highlights of the Medicaid Fraud Control Units (“MFCUs”) Annual Report for Fiscal Year 2024 (“2024 Annual Report”). While the 2024 Annual Report was released in March 2025, HHS OIG just released the two-minute video summarizing the key aspects of the report.

MFCUs—which investigate and prosecute statewide Medicaid provider fraud, and beneficiary abuse and neglect—recovered $1.4 billion in FY 2024, which equates to $3.46 for every $1 spent. Criminal recoveries were the highest amount in the past 10 years, $961 million, and more than double the rolling 5-year average. HHS OIG attributes this massive increase to the California MFCU, which recovered $513 million on its own.

On June 20, 2025, the Department of Health and Human Services’ Office of Inspector General (“OIG”) issued an unfavorable advisory opinion - OIG Advisory Opinion 25-04 (“AO 25-04”). AO 25-04 discusses a proposal by a medical device company (the “Requestor”) to cover the costs for its customers—hospitals, health systems, and ambulatory surgery centers—to have a third-party company screen and monitor the Requestor for exclusion from federal healthcare programs. The OIG concluded that the proposed arrangement would potentially generate prohibited remuneration under the federal Anti-Kickback Statute (“AKS”).

According to the advisory opinion, some of the Requestor’s customers were either requesting or requiring, as a condition of doing business, that the Requestor pay a third-party company (the “Company”) to screen and monitor them for exclusion from federal healthcare programs. Under the proposed arrangement, the Company would charge the Requestor (and not its customers) an annual subscription fee for each customer receiving these screening and monitoring reports. The Requestor estimated this would amount to approximately $450,000 in annual fees, paid directly to the Company. The Requestor would not be a party to any agreements between its customers and the Company.

On May 21, 2025, the Centers for Medicare & Medicaid Services (CMS) announced^[1] an aggressive plan (Plan) to expand its efforts to address fraud, waste, and abuse in Medicare Advantage (MA). By engaging with enhanced technology and significantly expanding its workforce, CMS states that it intends to audit every eligible MA contract for Payment Years (PY) 2018 through 2024 and recover on all prior audits conducted by CMS and the Office of Inspector General (OIG).  Historically, CMS has only selected a small subset of contracts (approximately sixty) for each PY audited. CMS is currently completing PY2018 Risk Adjustment Data Validation (RADV) audit but has yet to issue findings or payment recovery demands for any audit completed. CMS has similarly not taken material action regarding the so called “OIG audits”.

Background

CMS Audit Methodology. CMS officially launched its RADV audit program in 2008. The audit methodology employed by CMS has evolved over the years through various rule making efforts and sub-regulatory issuances. CMS’s proposed rule in 2010 set forth an audit methodology to review a risk stratified 201-member sample, where all risk adjusted Hierarchical Condition Categories (HCCs) for each member would be reviewed and checked for errors.^[2] Finalizing this methodology in 2012[3], CMS then conducted audits on PY2012 and 2013 utilizing this approach. The presumption was that CMS would extrapolate and recoup such amounts. However, CMS did not issue final agency actions requiring substantial repayments or extrapolation.

On March 22, 2023, the U.S. Department of Health and Human Services’ Office of Inspector General (“OIG”) updated its Frequently Asked Questions (“FAQs”), drafting 13  FAQs aimed at easing the transition from COVID-era flexibilities to the end of the Public Health Emergency (“PHE”) on May 11, 2023. These FAQs arrive on the tail of OIG’s March 10, 2023 COVID-19 Public Health Emergency policy statement, which announced that the expiration of the PHE in May also marks the end of flexibilities extended during the crisis.  The updated FAQs offer a glimpse into how OIG investigations and enforcement might play out after the end of the PHE.  These FAQs address subjects including “General Questions Regarding Certain Fraud and Abuse Authorities,” the “Application of Certain Fraud and Abuse Authorities to Certain Types of Arrangements,” and “Compliance Considerations.”  

The vast majority of the principles articulated in the updated FAQs will undoubtedly be familiar to many.  Generally speaking, the updated FAQs restate or clarify longstanding OIG policy.  The updated FAQs are more than reiteration, however; they offer condensed policy and explanation in a single location, and demonstrate that for the most part, investigations and enforcement may return to the pre-PHE status quo. 

On August 19, 2022, the Department of Health and Human Services Office of Inspector General (“OIG”) posted Advisory Opinion 22-16 (“AO 22-16”) to its website, a favorable opinion concluding that the OIG would not impose sanctions in connection with a program that offered $25 gift cards to Medicare Advantage (“MA”) plan enrollees who completed an online educational program about the potential risk, benefits, and expectations related to surgery. AO 22-16 is the latest in a string of recent OIG advisory opinions addressing arrangements involving remuneration to Federal health care program beneficiaries - the ninth such advisory opinion in 2022 alone.

The company that requested this advisory opinion contracts with Medicare Advantage Organizations (“MAOs”) to offer the educational program to MA plan enrollees and charges the MAOs a per-member, per-month fee for the program. MA plan enrollees who take the educational program and complete a survey receive a $25 gift card, which may be for a big box store or online retailer that offers a wide variety of items. The company that offers the educational program sends mailings and email correspondence to MA plan enrollees about the educational program but does not advertise or market the program to individuals who are not enrollees of a MA plan that has contracted with the company. The MAOs are prohibited by their contract with the company from including information about the gift cards offered under the program in marketing materials to prospective enrollees.

The U.S. Department of Health and Human Services’ Office of Inspector General (“OIG”) recently issued Advisory Opinion No. 21-02, regarding a joint investment by a health system, a manager, and certain surgeons in an ambulatory surgery center (“ASC”) (the “Proposed Arrangement”). According to a national survey, most hospitals and health systems are planning to increase their investments in ASCs and anticipate converting hospital outpatient departments to ASCs. Many hospitals with ASCs operate the ASCs as physician joint ventures. As payors and patients continue to show interest in having outpatient procedures performed in ASCs, there is an expected trend to see an increase in investments and joint ventures in ASCs therefore making the Advisory Opinion particularly noteworthy.

In their request to OIG, the health system and the manager (“Requestors”) specifically inquired whether the Proposed Arrangement would constitute grounds for sanctions under the Federal Anti-Kickback statute (“AKS”). Based upon the facts provided in the request for the Advisory Opinion and a supplemental submission, the OIG reached the favorable conclusion that due to the low risk of fraud and abuse, the OIG would not impose sanctions on the health system or the manager in connection with the Proposed Arrangement.

The Proposed Arrangement

Under the Proposed Arrangement, the health system, five orthopedic surgeons, three neurosurgeons employed by the health system, and a manager, would invest in a new ASC. The health system would own 46 percent of the ASC, the surgeons would collectively own 46 percent of the ASC, and the manager would own 8 percent of the ASC. The manager certified that no physician has had, or would have, ownership in the manager that provides management and other services to the ASC. Furthermore, the ASC would operate in a medical facility owned by a real estate company jointly owned by the health system, the surgeons, and the manager. The ASC would enter into space and equipment leases as well as service arrangements with the health system and the real estate company.

OIG’s Analysis

Based on the following criteria, the OIG determined that the following safeguards in the Proposed Arrangement would mitigate the risk and that, as such, the OIG would not impose administrative sanctions in connection with the Proposed Arrangement:

Health System and Physician Investor Interest

(1) Although one or more of the neurosurgeons would fail to meet the Hospital-Physician ASC Safe Harbor Provision requirement that a physician investor derive at least one-third of his or her medical practice income for the previous fiscal year or previous 12-month period from the performance of ASC-qualified procedures, the health system certified that the neurosurgeons would use the ASC on a regular basis as part of their medical practices. Additionally, the health system certified that the surgeons would rarely refer patients to each other.

(2) The Proposed Arrangement would contain certain safeguards to reduce the risk that the health system would make or influence referrals to the ASC or the surgeons. For example, the health system certified that any compensation paid by the health system to affiliated physicians for services furnished would be consistent with fair market value and would not be related, directly or indirectly, to the volume or value of any referrals. In addition, the health system certified that it would refrain from any actions designed to require or encourage affiliated physicians to refer patients to the ASC or the surgeons and would not track referrals made to the ASC.

While providers struggle to provide health care to their patients amid the coronavirus contagion concerns, recent regulatory and reimbursement changes will help ease the path to the provision of healthcare via telehealth.

On March 6, 2020, President Donald Trump signed into law an $8.3 billion emergency coronavirus disease 2019 (“COVID-19”) response funding package. In addition to providing funding for the development of treatments and public health funding for prevention, preparedness, and response, the bill authorizes the U.S. Secretary of Health and Human Services, Alex Azar (referred to herein as the “Secretary”), to waive Medicare restrictions on the provision of services via telehealth during this public health emergency.

Greater utilization of telehealth during the COVID-19 outbreak will reduce providers’ and patients’ exposure to the virus in health care facilities. Telehealth is especially useful for mild cases of illness that can be managed at the patient’s home, thereby decreasing the volume of individuals seeking care in facilities. To further facilitate the increased utilization of telehealth, the Centers for Disease Control’s interim guidance for healthcare facilities notes that healthcare providers can communicate with patients by telephone if formal telehealth systems are not available. This allows providers to have greater flexibility when telehealth technology providers lack the bandwidth to accommodate this increase in telehealth utilization or are otherwise unavailable.