Lessons Learned from the 2018 OIG Semiannual Report to Congress

photo of the capitol building

It’s that time of year again – the OIG at HHS has released its 2018 Semiannual Report to Congress on the efforts and success of the past six months. Chances are, this report may not be the most exciting summer read for you, but there are lots of interesting facts, statistics, and cases that are certainly worth your time. The report should help you stay informed about what the OIG is concentrating on regarding enforcement and fines. We’ve taken a moment to include some of our key takeaways and excerpts from the report – please enjoy!

The OIG’s Strategic Plan for 2014-2018 outlines the OIG’s approach to protecting the integrity of HHS programs with four key goals:

  1. Fight fraud, waste, and abuse.
  2. Promote quality, safety, and value.
  3. Secure HHS programs’ future.
  4. Advance excellence and innovation.

Office of Inspector General HHS 2018 Semiannual Report to Congress

The OIG is tasked with reporting to Congress on its activities and this report covers the period covering October 1, 2017, to March 31, 2018. Each day, OIG uses data-driven decision making to combat fraud, waste, and abuse of Federal healthcare programs and to improve the effectiveness of department programs.

We will break down and summarize the activities that had the biggest impact on healthcare providers during this period. For a brief recap, you can view the 2017 OIG Semiannual Report to Congress to compare and contrast with the new release.

OIG Focus Areas 2018

Looking to the future, the OIG is tracking its performance in the following priority areas.

  1. Combating the Opioid Epidemic
  2. Protecting Vulnerable Populations
  3. Enhancing Program Integrity in Home- and Community Based Services
  4. Protecting the Integrity of the Medicaid Program
  5. Assessing Prescription Drug Payment Policies and Procedures
  6. Identifying Cybersecurity Risks

Highlights of OIG HHS Accomplishments

OIG Enforcement and Recoveries 

OIG remains at the forefront of the nation’s efforts to fight fraud in HHS programs and hold wrongdoers accountable for their actions. Not only does fraud increase HHS costs, it increases risk and potential harm to beneficiaries. During the semiannual reporting programs― period, OIG reported the following:

  • Expected investigative recoveries of $1.46 billion
  • Criminal actions against 424 individuals or entities that engaged in crimes against HHS programs
  • Exclusion of 1,588 individuals and entities from Federal healthcare programs  
  • Civil actions against 349 individuals or entities

State Medicaid Fraud Control Units

To combat healthcare fraud, OIG partners with DOJ, State Medicaid Fraud Control Units (MFCUs or Units), and other Federal, State, and local law enforcement agencies. These partnerships include the Medicare Fraud Strike Force teams, which detect, investigate, and prosecute healthcare fraud through a coordinated and data-driven approach.

State Medicaid Fraud Control Units are key partners with OIG in the fight against fraud, waste, and abuse in State Medicaid programs. OIG has oversight responsibility for MFCUs and administers grants that provide Federal funding for Unit operations. The Federal Government reimburses 75 percent of the costs of operating all existing Units, which are in 49 States and the District of Columbia. MFCUs investigate and prosecute Medicaid provider fraud and patient abuse and neglect in healthcare facilities or board and care facilities.

This annual report (Medicaid Fraud Control Units Fiscal Year 2017 Annual Report – OEI-09-18-00180 March 2018) highlights statistics on the accomplishments of the 50 MFCUs during FY 2017. OIG found that the number of convictions in FY 2017 remained similar to those in recent years.

  • Just over 45% of the 1,157 MFCU fraud convictions involved personal care services attendants.
  • Fraud cases accounted for 76% of the MFCU convictions,
  • 24% involved patient abuse or neglect.
  • MFCUs reported 961 civil settlements and judgments
  • 44% of which involved pharmaceutical manufacturers.
  • MFCUs reported over $1.8 billion in criminal and civil recoveries.

OIG Onsite Reviews of MFCUs

In addition to an annual recertification review of each MFCU, OIG conducts periodic reviews of a sample of MFCUs. OIG evaluates MFCU operations based on 12 performance standards and assesses compliance with laws, regulations, and OIG policy guidance. OIG may also make observations of Unit operations and practices, including identifying effective practices that may be useful to other Units. In addition, OIG provides training and technical assistance to Units while onsite and on an ongoing basis.

Reference:  Medicaid Fraud Control Units: Investigation and Prosecution of Fraud and Beneficiary Abuse in Medicaid Personal Care Services (OEI-12-17-00500), December 2017

One of the lowest hanging fruits and best instruments that the OIG has in its enforcement toolkit is the ability to impose a program exclusion. An exclusion is an administrative remedy and is utilized to prevent future fraud and abuse as well as to keep bad actors from being eligible to bill and get reimbursed from participating in federal healthcare dollar program dollars such as Medicaid, Medicare, CHIPS, TriCare, and others.

To find the latest state and federal exclusion data, take a look at our Compliance Healthcare Index Report for insight and analysis!

Sanction Authorities and Other Administrative Actions

Various Federal laws provide authorities the ability to impose administrative sanctions for fraud and abuse as well as other activities that pose a risk to Federal healthcare programs and their beneficiaries. Sanctions include the exclusion of individuals and entities from Federal healthcare programs and the imposition of CMPs for submitting false and fraudulent claims to a Federal healthcare program or for violating the anti-kickback statute, the Stark law, or the Emergency Medical Treatment and Labor Act (EMTALA), also known as the “patient dumping statute.”

Sanctions also include referrals for suspension and debarment in cases of grant and contract fraud. During this semiannual reporting period, OIG imposed 1,678 administrative sanctions in the form of program exclusions or administrative actions for alleged fraud or abuse or other activities that posed a risk to Federal healthcare programs and their beneficiaries.

Reference:  Exclusion and penalty authorities are described in Appendix D and on the OIG website at

Suspension and Debarments

Suspensions and debarments are administrative tools used by HHS and other Federal agencies to protect the government from individuals and entities that have engaged in contract fraud, have misused grant funds, or are otherwise not presently responsible. Because these are government-wide sanctions, an individual or entity that has been suspended or debarred by HHS or any other agency is ineligible to participate in any future funding opportunities across the Federal government for a specified period.

OIG refers individuals and entities that have potentially engaged in grant or contract fraud or misconduct to the HHS official responsible for determining whether to impose a suspension or debarment. OIG continues to develop a robust Suspension and Debarment program and uses this tool to protect government programs against fraud, waste, poor performance, and non-compliance with contract provisions or applicable law.

Fighting Opioid Abuse

There is no doubt that the opioid crisis that is gripping the nation is one of the OIG’s main focal points. In fact, the OIG has long been a leader in the department’s fight against prescription drug fraud, including opioids, drug diversion, pill mills, medical identity theft, and other schemes that endanger people and communities. The OIG released a study in 2017 on the opioid crisis, also called “Pill Mill” operations in America.

What the OIG Found

  1. One in three Medicare Part D beneficiaries received a prescription opioid in 2016.
  2. About 500,000 beneficiaries received high amounts of opioids.
  3. Almost 90,000 beneficiaries are at serious risk; some received extreme amounts of opioids, while others appeared to be doctor shopping.
  4. About 400 prescribers had questionable opioid prescribing patterns for beneficiaries at serious risk; these patterns are far outside the norm and warrant further scrutiny.


Cyber Security, Identity Theft, and Breaches

Although the OIG is not the ultimate enforcer of a breach of PHI (that belongs to the Office of Civil Rights (OCR), the OIG dedicates part of its report on this area.  

“We are in an information revolution that requires constant vigilance over the security of sensitive data and systems. Cybersecurity incidents and breaches pose a significant risk to the confidentiality, integrity, and availability of sensitive data. Incidents and breaches can impede HHS’s ability to deliver essential programs and services, threaten major elements of our country’s critical infrastructure, and place at risk the health and safety of patients. OIG is focused on identifying and addressing cybersecurity risks within the Department.

The work of OIG, we present here is supported by ongoing investments into data analytics capacity and infrastructure, which we employ in conducting audits, investigations, and evaluations. We also use data analytics to assess relative risks to HHS programs and beneficiaries and help determine where to invest our oversight and enforcement resources”.


The OIG has both enforcement and oversight authorities and responsibilities. These must be taken seriously and the 2018 OIG Semi-Annual Report to Congress is a great way to hold the OIG accountable and to see the results of its hard work and discipline. The release of this report continues to highlight the key focus areas of the OIG and is consistent with their published goals set out in 2014 for the four year period of 2014-2018. The cases of enforcement and fines associated along with the continued use of imposing exclusions from participating in healthcare reimbursements prove that Congress can rely on the OIG to do the right thing and to protect and enforce the integrity of the Federal healthcare dollars entrusted to them. Fraudsters beware.

Check out our latest resources!

License Monitoring eBook

Written by Michael Rosen, ESQ

ProviderTrust Co-Founder,

Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as Inc Magazine’s Inc 500 Award and Nashville Chamber of Commerce Small Business of the Year.

 Connect with Michael on LinkedIn

Stay Up-to-Date

Subscribe and get the latest news and advice from industry experts delivered straight to your inbox.

Related Resources

Never miss an update

Get the latest healthcare news, advice from industry experts, and all things related to monitoring solutions delivered straight to your inbox.