Regulatory developments—such as the Stark Law blanket waivers and the OIG’s enforcement deferral for use of the waivers—have helped healthcare providers during the COVID-19 crisis, but healthcare fraud remains a prime target of the DOJ and the OIG (in addition to state regulators).  Between October 2018 and September 2019, the DOJ obtained over $3 billion in judgments and settlements from fraud claims, a substantial portion of those claims relating to healthcare fraud.[1]  The significant increase in qui tam litigation since the 1980s is also notable.[2]  So what fraud and abuse actions could regulators pursue in COVID-19’s shadow?

COVID-19 Purposes: Perhaps the most obvious pitfall for a healthcare provider is failing to adhere to the “COVID-19 Purposes” requirement for financial arrangements seeking protection under the Stark Law blanket waivers.  Prior blog posts discuss the broad definition of this requirement.[3]  OIG guidance states that it will exercise enforcement discretion not to impose administrative sanctions under the Anti-Kickback Statute (“AKS”) for arrangements covered by the Stark Law blanket waivers.[4]  This guidance is in line with CMS guidance for the waivers, even expanding to possible relator suits under the False Claims Act (“FCA”).[5]  Despite this flexibility on the part of regulators, it seems inevitable we will see prosecution of Stark Law, AKS, or FCA actions for egregious violations of the COVID-19 Purposes requirement.  Providers taking advantage of the Stark Law blanket waivers should remain especially vigilant that any financial arrangement that would normally violate the Stark Law complies with the COVID-19 Purpose requirement and the other requirements of the blanket waivers.

Telemedicine: During the COVID-19 emergency, the DOJ has aggressively prosecuted telemedicine fraud schemes, such as one that resulted in 26 people being charged in the Southern District of Georgia in July 2020.[6]  As most are aware, patients are driving demand for a significant increase in telemedicine services during the pandemic.  In March 2020, CMS broadened access to telemedicine services by expanding Medicare payment for telemedicine services.[7]  This expansion of payment still carries FCA liability risks if a provider fails abide by the rules.  For example, reimbursement for some services (e.g., “E-Visits” or “Virtual Check-ins”) requires that the physician and patient have a prior established relationship.[8]  A provider who seeks reimbursement for E-Visits with no prior patient relationship would probably violate the FCA.  Although it is too soon to tell how lenient, or aggressive, regulators will be, prudent providers will scrupulously comply with CMS guidance and rules for expanded telemedicine services.

For further discussion, please click here.

[1] See

[2] See

[3] See





[8] Id.