Dentist Sentenced for Theft of $8.5 Million from Medicaid

Posted by Steve Alder

A former Maryland dentist has been sentenced for practicing dentistry without a license and fraudulently billing Medicaid for $8.5 million. Seyed Hamid Tofigh, 57, of Potomac, MD, used the names, provider numbers, and professional credentials of four licensed dentists to submit claims to the Maryland Medicaid program, which is a state-run program that provides healthcare benefits to low-income individuals. The majority of Tofigh’s patients were children.

Tofigh had been a licensed dentist since September 1994 and operated several dental practices with two of his brothers. By 2015, the brothers had separated their ownership of the practices and Tofigh retained ownership of Greenbelt Family Dentistry in Greenbelt, MD, and Rockville Family Dentistry in Rockville, MD. In 2014, after receiving several complaints from patients, the Maryland Board of Dental Examiners suspended Tofigh’s license to practice dentistry due to there being a substantial likelihood that he posed a risk of harm to public health, safety, and welfare. In 2015, after a continued investigation, his license was revoked. The Maryland Board of Dental Examiners found Tofigh kept “consistently incompetent and egregiously deficient” dental records, provided incompetent and substandard treatment, billed for services that he never provided, and engaged in unprofessional and dishonorable conduct.

From 2015 through January 2023, Tofigh continued to practice dentistry on Medicaid recipients, but since he was not able to personally bill Medicaid for his services, used the stolen identities of other dentists – two of his brothers, a nephew, and a former colleague – to submit claims. Tofigh continued to provide substandard treatment, billed for procedures that were not performed, conducted unnecessary procedures such as extractions, fillings, and root canal treatments, and intimidated and bullied patients who complained.

On February 6, 2024, Tofigh pleaded guilty to one count of defrauding a state health plan (Medicaid) and one count of practicing dentistry without a license. The Honorable Carol Ann Corderre of the Circuit Court for Prince George’s County sentenced Tofigh to 5 years in jail, with all but 78 days suspended. Tofigh was placed on home detention for 18 months and will serve 5 years of probation for the Medicare fraud count. Tofigh was also sentenced to serve 1 year in jail and a five-year probation term for practicing dentistry without a license. The jail term was suspended, and the two sentences will run consecutively. Tofigh has been prohibited from providing healthcare services that are partially or wholly funded by state or federal governments and must permanently surrender his Maryland dental license. He has also been ordered to pay $8.5 million in restitution within 12 months, of which $4.5 million has already been paid.

“This case revealed a complex healthcare fraud scheme that not only drained taxpayer dollars away from our State’s Medicaid program but also placed Dr. Tofigh’s young patients in real danger,” said Attorney General Brown. “By stopping Dr. Tofigh, my office continues in its commitment to protecting patients and ensuring the integrity of State programs remains intact.”

The post Dentist Sentenced for Theft of $8.5 Million from Medicaid appeared first on HIPAA Journal.

OCR Seeks Feedback on HIPAA Audits

Posted by Steve Alder

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is conducting a HIPAA Audit Review Survey and is seeking feedback from entities that were subjects of HIPAA compliance audits to gather information to improve future audit programs.

Between 2016 and 2017, OCR conducted its second phase of HIPAA compliance audits. The desk-based audit program involves documentation requests on specific aspects of the HIPAA Privacy Rule, HIPAA Security Rule, and HIPAA Breach Notification Rule. The audits revealed which elements of the HIPAA Rules were proving problematic for HIPAA-covered entities and their business associates.

The audit review survey is being conducted to gather information about the effect of the audits on the audited entities and their opinions on the audit process. The aim is to determine the efficacy of the audit program in assessing the efforts made by HIPAA-covered entities and their business associates to comply with the HIPAA Rules and measure the effect of the audits on covered entities’ and business associates’ subsequent actions to comply with HIPAA.

The survey will provide the audited entities with the opportunity to comment on the usefulness of HHS HIPAA guidance and communications, how easy the online submission portal was to use when uploading documentation requested by auditors, and whether the communicated findings of the audits and the audits themselves actually helped to improve entity compliance.

OCR is also seeking feedback on the burden that the audits placed on covered entities and business associates regarding the requested documentation and responses to audit-related requests, including the impact on day-to-day business operations. Questionnaires will consist of 39 questions and will be sent to Privacy and Security Officers at 166 HIPAA-covered entities and 41 business associates. The information collected will be used to improve future HIPAA compliance audits.

The post OCR Seeks Feedback on HIPAA Audits appeared first on HIPAA Journal.

What is an HHS OIG Investigation?

Posted by Steve Alder

An HHS OIG investigation is a criminal, civil, or administrative investigation into fraud or misconduct in a program run by the Department of Health and Human Services which affects the program, its operation, or its beneficiaries. HHS OIG investigations can result in criminal convictions, financial recoveries, civil monetary penalties, or exclusions from participation in Federal healthcare programs.

The Department of Health and Human Services (HHS) consists of twelve operating divisions which, between them, administer more than 100 programs. Since 1976, the HHS Office of Inspector General (OIG) has been responsible for protecting the integrity of the $2.4 trillion portfolio of programs and the well-being of program beneficiaries.

Within the HHS OIG is an Office of Investigations. The Office of Investigations can be alerted to potential fraud or misconduct by another Office within HHS OIG – for example, the Office of Audit Services – or via the OIG Hotline, which receives allegations of fraud, waste, and abuse in HHS programs from whistleblowers, the public, and HHS employees.

The HHS OIG receives thousands of allegations each year and cannot investigate them all. The Office of Investigations prioritizes allegations according to the nature and scope of the allegation, and the evidence provided to support the allegation. The Office then analyzes the allegation to determine whether it warrants a formal investigation or can be resolved informally.

The Formal HHS OIG Investigation Process

To start a formal HHS OIG investigation, the Office of Investigations issues subpoenas requiring a “target” individual or business to produce documents, conducts witness interviews with the targets, their employees, and/or patients, and visit the target’s offices to conduct inspections. Inspections are rarely announced so that investigators have the best chance of identifying fraud or misconduct.

Once all the relevant evidence has been collected, investigators review the documents, witness statements, and inspection reports to determine whether an unlawful event has taken place (such as a violation of the Stark Law or False Claims Act) or whether the target has violated healthcare regulations (such as issued under the No Surprises Act) to the detriment of a program beneficiary.

At this stage, there are three possible outcomes. The first is that the HHS OIG investigation finds insufficient evidence to support the allegation – in which case the investigation is dropped. The second is that the Office continues the investigation with the help of ancillary agents (i.e., cybersecurity or data analytics experts), and the third is that the Office pursues an enforcement action.

Office of Investigations Enforcement Actions

When the Office of Investigations pursues an enforcement action, the penalty can depend on factors such as the nature and scope of the offence, the amount of harm caused, the target’s cooperation during the formal HHS OIG investigation, and any campaign HHS is running to raise awareness of specific regulations (i.e., violations of the Emergency Medical Treatment and Labor Act).

At one end of the scale, an individual or the director/owner of a business can be sent to jail if an HHS OIG investigations uncovers violations of the Social Security Act §1177. At the other end of the scale, an individual can avoid a civil monetary penalty or addition to the HHS OIG Exclusion List by entering into a Corporate Integrity Agreement. Alternatively, agreeing to a Corporate Integrity Agreement can reduce the amount of a civil monetary penalty. For example:

  • In February 2019, Greenway Health LLC settled allegations it had violated the False Claims Act for $57.25 million and agreed to a five year Corporate Integrity Agreement.
  • In December 2017, 21st Century Oncology settled a self-reported violation of the Stark Law for $26 million and entered into a five year Corporate Integrity Agreement.
  • In September 2011, Hill-Rom Company Inc. settled allegations it had violated the False Claims Act for $41.8 million and agreed to a five year Corporate Integrity Agreement.

The post What is an HHS OIG Investigation? appeared first on HIPAA Journal.