You found something in your billing. Maybe it was an internal audit that flagged unusual patterns. Maybe a departing employee mentioned something on their way out. Maybe you just noticed that the numbers dont add up.
Welcome to Federal Lawyers. Our goal is to give you real information about CMS self-disclosure – not the sanitized version you find on other websites. Because heres the uncomfortable truth that nobody wants to tell you: the moment you “discover” a billing problem, you’ve entered a trap with no good exits. Every option from this point forward carries significant risk. The question isnt whether to report. Its which set of consequences you can survive.
Thats not a scare tactic. Thats the reality that healthcare providers face when they stumble onto overpayment issues. And most of them have no idea how bad their options actualy are until its far too late to do anything about it.
The 60-Day Clock You Might Have Already Missed
Heres the first thing that catches people off guard. Federal law requires you to report and return overpayments within 60 days of identification. Sounds straightforward enough. But “identification” doesnt mean when you personaly discovered the problem. It means when you “should have known” – a standard thats retroactive and completly subjective.
Think about what that realy means for your situation. If the government decides that a reasonable provider in your position should have caught this issue six months ago, your 60-day clock started six months ago. Youre already past the deadline and you didnt even know it. And once that deadline passes, every single claim becomes a potential False Claims Act violation. Every single one.
The penalties under the False Claims Act are not theoretical numbers on a page. Were talking $13,508 to $27,018 per claim – not per billing cycle, not per patient, per individual claim submitted. Plus triple damages on top of that. A billing error that resulted in $50,000 in overpayments can quickley become a seven-figure liability once you multiply it out. Thats not an exageration. Thats basic arithmetic that destorys healthcare practices every year.
our lead attorney has seen this pattern repeatedly in his practice. Providers who thought they were being proactive by starting an investigation end up creating documentation that proves they “should have known” earlier than they claimed. The investigation itself becomes evidence against them. The very act of trying to do the right thing creates the paper trail that establishes liability.
Self-Disclosure Is NOT Immunity
Heres were most providers make a fatal miscalculation that costs them everything. They assume that self-disclosure to CMS will protect them from consequences. It wont. It absolutly, definitly wont.
Need Help With Your Case?
Don't face criminal charges alone. Our experienced defense attorneys are ready to fight for your rights and freedom.
- 100% Confidential
- Response Within 1 Hour
- No Obligation Consultation
Or call us directly:
(212) 300-5196The CMS Self-Referral Disclosure Protocol – the SRDP – explicitly states in its own documentation that it does not release you from liability to the Office of Inspector General, the Department of Justice, or False Claims Act qui tam relators. Read that sentence again because it matters. You can walk into CMS, confess everything, cooperate fully with there investigation, and still face criminal prosecution. Still face OIG civil monetary penalties. Still get sued by a whistleblower who files before you disclosed.
The SRDP is designed specificaly for Stark Law violations – the physician self-referral statute that restricts certain referals. It addresses one specific type of problem and nothing else. But most healthcare billing issues dont fit neatley into a single legal category. If theres Anti-Kickback Statute implications buried in your situation, the SRDP dosent cover you. If theres potential Medicare fraud allegations possible, the SRDP dosent cover you. If a disgruntled employee is already talking to a qui tam attorney down the street, the SRDP definitly dosent cover you becuase that ships already sailed.
At Federal Lawyers, we see this confusion constantley in calls from panicked providers. They think disclosure equals immunity. It dosent. Disclosure means youve created a documented confession that can be used in subsequent proceedings against you. Thats not protection – thats evidence production on a silver platter.
The Dual-Track Problem Nobody Mentions
Heres something most compliance consultants completley fail to explain to there clients. CMS and the OIG operate completly separate disclosure programs with different requirements and different outcomes. The SRDP handles Stark violations. The OIG Self-Disclosure Protocol handles Anti-Kickback violations. Most providers have potential issues under both statutes simultaniously and dont even realize theyre dealing with two different legal frameworks.
Todd Spodek
Lead Attorney & Founder
Featured on Netflix's "Inventing Anna," Todd Spodek brings decades of high-stakes criminal defense experience. His aggressive approach has secured dismissals and acquittals in cases others deemed unwinnable.
A physician who refers patients to a facility they have ownership interest in – thats a Stark issue on its face. But if theres any element of remuneration or compensation for those referals beyond fair market value – thats Anti-Kickback territority. One set of facts, two different agencies with two different enforcement priorities, two different disclosure protocols with different timelines, two different sets of consequences cascading down on you.
Your compliance officer just discovered that your medical practice has been upcoding evaluation and management visits for the past two years, resulting in approximately $1.2 million in overpayments from Medicare. You're now debating whether to quietly correct the billing going forward or formally report the issue to CMS through the Self-Disclosure Protocol.
If I voluntarily report these billing errors to CMS, will that protect me from a False Claims Act lawsuit or criminal prosecution?
Voluntary self-disclosure through the OIG Self-Disclosure Protocol or CMS Voluntary Refund Process can significantly reduce your exposure, but it does not guarantee immunity from prosecution. Under the False Claims Act's 60-day repayment rule established by the Affordable Care Act (Section 6402), once you identify an overpayment you are legally obligated to report and return it within 60 days or face potential treble damages and per-claim penalties. A well-structured self-disclosure typically results in settling at 1.5 times the single damages amount rather than the treble damages you'd face if the government discovers the issue first. We strongly recommend engaging experienced federal healthcare counsel before making any disclosure, because how you frame the issue and calculate the overpayment amount can dramatically affect the outcome of your case.
This is general information only. Contact us for advice specific to your situation.
And heres the kicker that makes it even worse. Neither program talks to the other in any meaningfull way. You could self-disclose to CMS and think your completley covered, only to get a letter from OIG six months later about the Anti-Kickback component you didnt even know existed in your situation. Youve already admitted to the underlying conduct. Now your explaining why you only told half the story. That looks like concealment even when it was just confusion.
This dual-track problem catches providers who think theyve done everything right. They hired a compliance consultant. They disclosed to CMS. They thought the matter was resolved. Then OIG comes knocking with questions about the arrangement they already admitted to. The partial disclosure actualy makes things worse than no disclosure at all.
