CORPORATE INTEGRITY AGREEMENT BETWEEN THE OFFICE OF INSPECTOR GENERAL OF THE DEPARTMENT OF HEALTH AND HUMAN SERVICES AND CARDIOVASCULAR SYSTEMS, INC.
EX-10.2 3 ex102-corporateintegrityag.htm EXHIBIT 10.2 Exhibit
Exhibit 10.2
CORPORATE INTEGRITY AGREEMENT
BETWEEN THE
OFFICE OF INSPECTOR GENERAL
OF THE
DEPARTMENT OF HEALTH AND HUMAN SERVICES
AND
CARDIOVASCULAR SYSTEMS, INC.
I. PREAMBLE
Cardiovascular Systems, Inc. (CSI) hereby enters into this Corporate Integrity Agreement (CIA) with the Office of Inspector General (OIG) of the United States Department of Health and Human Services (HHS) to promote compliance with the statutes, regulations, and written directives of Medicare, Medicaid, and all other Federal health care programs (as defined in 42 U.S.C. § 1320a-7b(f)) (Federal health care program requirements). Contemporaneously with this CIA, CSI is entering into a Settlement Agreement with the United States.
CSI represents that, prior to the Effective Date of the CIA (as defined below), CSI established a voluntary compliance program (Compliance Program) applicable to CSI’s directors, officers, and employees. CSI’s Compliance Program includes, among other features, a Compliance Officer position, a code of conduct, written policies and procedures, and educational and training initiatives.
CSI shall continue its Compliance Program throughout the term of the CIA and shall do so in accordance with the terms set forth below. CSI may modify its Compliance Program as appropriate but, at a minimum, CSI shall ensure that during the term of the CIA it shall comply with the obligations set forth herein.
II. TERM AND SCOPE OF THE CIA
A.The period of the compliance obligations assumed by CSI under this CIA shall be five years from the effective date of this CIA. The “Effective Date” shall be the date on which the final signatory of this CIA executes this CIA. Each one-year period, beginning with the one-year period following the Effective Date, shall be referred to as a “Reporting Period.”
B. Sections VII, X, and XI shall expire no later than 120 days after OIG’s receipt of: (1) CSI’s final Annual Report or (2) any additional materials submitted by CSI pursuant to OIG’s request, whichever is later.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
1
C. For purposes of this CIA, the term “Covered Persons” includes:
(1) | all owners who are natural persons, except: |
(i) | shareholders who: (a) have an ownership interest of less than 5% and (b) acquired the ownership interest through public trading, and |
(ii) | shareholders who have an ownership interest of less than 5% of the common stock of CSI and who acquired that interest as compensation for services to CSI, or as a stock grant or through the issuance of stock under a CSI stock plan approved by CSI’s shareholders; |
(2) | officers, directors, and employees of CSI; and |
(3) all contractors, subcontractors, agents, and other persons who perform Covered Functions (as defined in Section II.E below) on behalf of CSI, and in that capacity interact directly with healthcare professionals (HCPs) and healthcare institutions (HCIs).
D. The term “Government Reimbursed Products” refers to all CSI products that are: (a) marketed or sold by CSI in the United States (or pursuant to contracts with the United States) and (b) reimbursed by Federal health care programs.
E. The term “Covered Functions” includes: (a) the selling, detailing, marketing, advertising, promoting, or branding of Government Reimbursed Products; (b) contracting with HCPs or HCIs for Co-Marketing Activities and Consulting Activities, and (c) the preparation or external dissemination of promotional materials or information about, or the provision of promotional services relating to, Government Reimbursed Products, including those functions relating to CSI’s review and approval processes for promotional materials and any applicable review committee(s).
F. The term “Third Party Educational Activity” shall mean any scientific, educational, or professional program, meeting, or event for HCPs conducted by a third party and supported by CSI, including but not limited to, continuing medical education (CME), disease awareness, or sponsorship of symposia at medical conferences.
G. The term “Co-Marketing Activity” shall mean any marketing or other promotional activity that CSI performs with or on behalf of (in addition to itself) one or more HCPs or HCIs involving a Government Reimbursed Product.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
2
H. The term “Consulting Activity” shall mean any fee-for-service arrangement entered with HCPs, including but not limited to speaker programs, advisory boards, research and development meetings, product training and education sessions, presentations, ad hoc advisory activities, research and any other financial engagement or arrangement related to Government Reimbursed Products and all related expenses.
III. CORPORATE INTEGRITY OBLIGATIONS
CSI shall establish and maintain a Compliance Program that includes the following elements:
A. | Compliance Officer and Committee, Board of Directors, and Management Compliance Obligations |
1. Compliance Officer. Within 90 days after the Effective Date, CSI shall appoint a Compliance Officer and shall maintain a Compliance Officer for the term of the CIA. The Compliance Officer shall be an employee and a member of senior management of CSI, shall report directly to the Chief Executive Officer of CSI, and shall not be or be subordinate to the General Counsel or Chief Financial Officer or have any responsibilities that involve acting in any capacity as legal counsel or supervising legal counsel functions for CSI. The Compliance Officer shall be responsible for, without limitation:
a. | developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements and FDA requirements; |
b. | making periodic (at least quarterly) reports regarding compliance matters directly to the Board of Directors of CSI and shall be authorized to report on such matters to the Board of Directors at any time. Written documentation of the Compliance Officer’s reports to the Board of Directors shall be made available to OIG upon request; and |
c. | monitoring the day-to-day compliance activities engaged in by CSI as well as any reporting obligations created under this CIA. |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
3
Any noncompliance job responsibilities of the Compliance Officer shall be limited and must not interfere with the Compliance Officer’s ability to perform the duties outlined in this CIA.
CSI shall report to OIG, in writing, any changes in the identity of the Compliance Officer, or any actions or changes that would affect the Compliance Officer’s ability to perform the duties necessary to meet the obligations in this CIA, within five days after such a change.
2. Compliance Committee. Within 90 days after the Effective Date, CSI shall appoint a Compliance Committee. The Compliance Committee shall, at a minimum, include the Compliance Officer and other members of senior management necessary to meet the requirements of this CIA (e.g., senior executives of relevant departments, such as sales, marketing, legal, medical affairs/medical information, regulatory affairs, research and development, human resources, audit, finance, manufacturing, and operations). The Compliance Officer shall chair the Compliance Committee and the Committee shall support the Compliance Officer in fulfilling his/her responsibilities (e.g., shall assist in the analysis of CSI’s risk areas and shall oversee monitoring of internal and external audits and investigations). The Compliance Committee shall meet at least quarterly. The minutes of the Compliance Committee meetings shall be made available to OIG upon request.
CSI shall report to OIG, in writing, any actions or changes that would affect the Compliance Committee’s ability to perform the duties necessary to meet the obligations in this CIA, within 15 days after such a change.
3. Board of Directors Compliance Obligations. The Board of Directors (or a committee of the Board of Directors) of CSI (Board) shall be responsible for the review and oversight of matters related to compliance with Federal health care program requirements, FDA requirements, and the obligations of this CIA. The Board must include independent (i.e., non-executive) members.
The Board shall, at a minimum, be responsible for the following:
a. | meeting at least quarterly to review and oversee CSI’s compliance program, including but not limited to the performance of the Compliance Officer and Compliance Committee; |
b. | submitting to OIG a description of the documents and other materials it reviewed, as well as any additional steps taken, |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
4
such as the engagement of an independent advisor or other third party resources, in its oversight of the compliance program and in support of making the resolution below during each Reporting Period; and
c. | for each Reporting Period of the CIA, adopting a resolution, signed by each member of the Board summarizing its review and oversight of CSI’s compliance with Federal health care program requirements, FDA requirements, and the obligations of this CIA. |
At minimum, the resolution shall include the following language:
“The Board of Directors has made a reasonable inquiry into the operations of CSI’s Compliance Program, including the performance of the Compliance Officer and the Compliance Committee. Based on its inquiry and review, the Board has concluded that, to the best of its knowledge, CSI has implemented an effective Compliance Program to meet Federal health care program requirement, FDA requirements, and the obligations of the CIA.”
If the Board is unable to provide such a conclusion in the resolution, the Board shall include in the resolution a written explanation of the reasons why it is unable to provide the conclusion and the steps it is taking to implement an effective Compliance Program at CSI.
CSI shall report to OIG, in writing, any changes in the composition of the Board, or any actions or changes that would affect the Board’s ability to perform the duties necessary to meet the obligations in this CIA, within 15 days after such a change.
4. Management Certifications. In addition to the responsibilities set forth in this CIA for all Covered Persons, certain CSI employees (Certifying Employees) are expected to monitor and oversee activities within their areas of authority and shall annually certify that the applicable CSI department is in compliance with applicable Federal health care program requirements, FDA requirements, and the obligations of this CIA. These Certifying Employees shall include, at a minimum, the following: President, Chief Executive Officer, Chief Financial Officer, the principal Human Resources executive, Chief Operating Officer, General Counsel, Compliance Officer, Senior Vice President of Operations, and all Senior Vice Presidents, Vice Presidents, and Senior Directors. For each Reporting Period, each Certifying Employee shall sign a certification that states:
Cardiovascular Systems, Inc. Corporate Integrity Agreement
5
“I have been trained on and understand the compliance requirements and responsibilities as they relate to [insert name of department], an area under my supervision. My job responsibilities include ensuring compliance with regard to the [insert name of department] with all applicable Federal health care program requirements, FDA requirements, obligations of the Corporate Integrity Agreement, and CSI policies, and I have taken steps to promote such compliance. To the best of my knowledge, the [insert name of department] of CSI is in compliance with all applicable Federal health care program requirements and the obligations of the Corporate Integrity Agreement. I understand that this certification is being provided to and relied upon by the United States.”
If any Certifying Employee is unable to provide such a certification, the Certifying Employee shall provide a written explanation of the reasons why he or she is unable to provide the certification outlined above.
Within 90 days after the Effective Date, CSI shall develop and implement a written process for Certifying Employees to follow for the purpose of completing the certification required by this section (e.g., reports that must be reviewed, assessments that must be completed, sub-certifications that must be obtained, etc. prior to the Certifying Employee making the required certification).
B. | Written Standards |
Within 90 days after the Effective Date, CSI shall develop and implement written policies and procedures regarding the operation of its Compliance Program, including the compliance program requirements outlined in this CIA and CSI’s compliance with Federal health care program requirements and FDA requirements (Policies and Procedures). The Policies and Procedures shall, at a minimum, address appropriate ways to conduct Covered Functions in compliance with (i) all applicable Federal healthcare program requirements, including, but not limited to the Federal Anti-Kickback Statute (42 U.S.C. §1320a-7b((b)) and the False Claims Act (31 U.S.C. §§ 3729-3733) and (ii) all applicable FDA requirements. Throughout the term of this CIA, CSI shall enforce its Policies and Procedures and shall make compliance with its Policies and Procedures an element of evaluating the performance of all employees. The Policies and Procedures shall be made available to all Covered Persons.
At least annually (and more frequently, if appropriate), CSI shall assess and update, as necessary, the Policies and Procedures. Any new or revised Policies and Procedures shall be made available to all Covered Persons.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
6
All Policies and Procedures shall be made available to OIG upon request.
C. | Training and Education |
1. Covered Persons Training. Within 90 days after the Effective Date, CSI shall develop a written plan (Training Plan) that outlines the steps CSI will take to ensure that all Covered Persons receive at least annual training regarding CSI’s CIA requirements and Compliance Program, the applicable Federal health care program requirements, including but not limited to the requirements of the Anti-Kickback Statute and the Stark Law, and FDA requirements. The Training Plan shall include information regarding the following: training topics, categories of Covered Persons required to attend each training session, length of the training session(s), schedule for training, and format of the training. CSI shall furnish training to its Covered Persons pursuant to the Training Plan during each Reporting Period.
2. Board Member Training. Within 90 days after the Effective Date, each member of the Board of Directors shall receive at least two hours of training. This training shall address the corporate governance responsibilities of board members, and the responsibilities of board members with respect to review and oversight of the Compliance Program. Specifically, the training shall address the unique responsibilities of health care Board members, including the risks, oversight areas, and strategic approaches to conducting oversight of a health care entity. This training may be conducted by an outside compliance expert hired by the Board and should include a discussion of the OIG’s guidance on Board member responsibilities.
New members of the Board of Directors shall receive the Board Member Training described above within 30 days after becoming a member or within 90 days after the Effective Date, whichever is later.
3. Training Records. CSI shall make available to OIG, upon request, training materials and records verifying that Covered Persons and Board members have timely received the training required under this section.
D. | Requirements for Consulting Activities |
To the extent that CSI engages HCPs for Consulting Activities, such HCPs shall be referred to herein as Consultants. Within 90 days after the Effective Date, CSI shall establish a process requiring all Consultants to enter into written agreements describing the scope of work to be performed, the fees to be paid, and the compliance obligations for
Cardiovascular Systems, Inc. Corporate Integrity Agreement
7
the Consultant. Consultants shall be paid according to a centrally-managed, pre-set rate structure that is determined based on a fair-market value analysis conducted by CSI.
Within 90 days after the Effective Date, CSI shall establish a process to develop an annual budgeting plan that identifies the business needs for, and the estimated numbers of, the various Consultant engagements and activities to occur during the following year. The annual Consultant budgeting plan shall also identify the budgeted amounts to be spent on Consulting Activities. CSI compliance personnel shall be involved in the review and approval of such plans, including any subsequent modifications of an approved plan. The purpose of this review shall be to ensure that Consulting Activities and related events are used for legitimate and lawful purposes in accordance with applicable Federal health care program and FDA requirements and CSI's Policies and Procedures.
Within 90 days after the Effective Date, CSI shall establish a process to ensure that a needs assessment has been completed to justify the retention of a Consultant prior to the retention of the Consultant. The needs assessment shall identify the business need for the retention of the Consultant and provide specific details about the consulting arrangement (e.g., information about the numbers and qualifications of the HCPs to be engaged and a description of the proposed work to be done and the type of work products to be generated). Any deviations from the Consultant budgeting plans shall be documented in the needs assessment form and shall be subject to review and approval by CSI compliance personnel.
E. Review Procedures
1. General Description
a. | Engagement of Independent Review Organization. Within 90 days after the Effective Date, CSI shall engage an entity (or entities), such as an accounting, auditing, or consulting firm (hereinafter “Independent Review Organization” or “IRO”), to perform the reviews listed in this Section III.E. The applicable requirements relating to the IRO are outlined in Appendix A to this CIA, which is incorporated by reference. |
b. | Retention of Records. The IRO and CSI shall retain and make available to OIG, upon request, all work papers, supporting documentation, correspondence, and draft reports (those exchanged between the IRO and CSI) related to the reviews. |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
8
2. Systems and Transactions Reviews. As set forth more fully in Appendix B, the IRO Reviews shall consist of two components: Systems Reviews and Transactions Reviews relating to the Covered Functions. The Systems Reviews shall assess CSI’s systems, processes, policies, and procedures relating to the Covered Functions. If there are no material changes in CSI’s relevant systems, processes, policies, and procedures, the Systems Reviews shall be performed for the second and fourth Reporting Periods. If CSI materially changes its relevant systems, processes, policies, and procedures, the IRO shall perform a Systems Review for the Reporting Period in which such changes were made in addition to conducting the Systems Review for the second and fourth Reporting Periods, as set forth more fully in Appendix B.
The Transactions Reviews shall be performed annually and shall cover each of the five Reporting Periods. The IRO(s) shall perform all components of each annual Transactions Review. As set forth more fully in Appendix B, the Transactions Review shall include review of Co-Marketing Activities and Consulting Activities.
3. Independence and Objectivity Certification. The IRO shall include in its report(s) to CSI a certification that the IRO has (a) evaluated its professional independence and objectivity with respect to the reviews required under this Section III.E and (b) concluded that it is, in fact, independent and objective, in accordance with the requirements specified in Appendix A to this CIA. The IRO’s certification shall include a summary of all current and prior engagements between CSI and the IRO.
F. Risk Assessment and Internal Review Process
Within 90 days after the Effective Date, CSI shall develop and implement a centralized annual risk assessment and internal review process. The risk assessment and mitigation process shall require compliance, legal and business unit leaders, at least annually, to evaluate and identify risks associated with each Government Reimbursed Product, including risks associated with the sales, marketing, and promotion of such products. Based on the outcomes of the risk-identification component of the risk assessment and mitigation process, CSI’s legal, compliance and other personnel shall centrally develop and implement specific plans designed to mitigate or reduce the identified risks. The risk mitigation plans shall be developed annually and a plan shall be developed for each Government Reimbursed Product. CSI shall implement the risk mitigation plans and shall track the implementation of the mitigation plans. CSI shall maintain the risk assessment and mitigation process for the duration of the CIA.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
9
G. Disclosure Program
Within 90 days after the Effective Date, CSI shall establish a Disclosure Program that includes a mechanism (e.g., a toll-free compliance telephone line) to enable individuals to disclose, to the Compliance Officer or some other person who is not in the disclosing individual’s chain of command, any identified issues or questions associated with CSI’s policies, conduct, practices, or procedures with respect to a Federal health care program or any FDA requirement believed by the individual to be a potential violation of criminal, civil, or administrative law. CSI shall appropriately publicize the existence of the disclosure mechanism (e.g., via periodic e-mails to employees or by posting the information in prominent common areas).
The Disclosure Program shall emphasize a nonretribution, nonretaliation policy and shall include a reporting mechanism for anonymous communications for which appropriate confidentiality shall be maintained. The Disclosure Program also shall include a requirement that all of CSI’s Covered Persons shall be expected to report suspected violations of any Federal health care program requirements to the Compliance Officer or other appropriate individual designated by CSI. Upon receipt of a disclosure, the Compliance Officer (or designee) shall gather all relevant information from the disclosing individual. The Compliance Officer (or designee) shall make a preliminary, good faith inquiry into the allegations set forth in every disclosure to ensure that he or she has obtained all of the information necessary to determine whether a further review should be conducted. For any disclosure that is sufficiently specific so that it reasonably: (1) permits a determination of the appropriateness of the alleged improper practice; and (2) provides an opportunity for taking corrective action, CSI shall conduct an internal review of the allegations set forth in the disclosure and ensure that proper follow-up is conducted.
The Compliance Officer (or designee) shall maintain a disclosure log and shall record each disclosure in the disclosure log within two business days of receipt of the disclosure. The disclosure log shall include a summary of each disclosure received (whether anonymous or not), the status of the respective internal reviews, and any corrective action taken in response to the internal reviews.
H. Ineligible Persons
1. Definitions. For purposes of this CIA:
a. | an “Ineligible Person” shall include an individual or entity who: |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
10
i. | is currently excluded from participation in any Federal health care program; or |
ii. | has been convicted of a criminal offense that falls within the scope of 42 U.S.C. § 1320a-7(a), but has not yet been excluded. |
b. | “Exclusion List” means the HHS/OIG List of Excluded Individuals/Entities (LEIE) (available through the Internet at http://www.oig.hhs.gov). |
2. Screening Requirements. CSI shall ensure that all prospective and current Covered Persons are not Ineligible Persons, by implementing the following screening requirements.
a. | CSI shall screen all prospective Covered Persons against the Exclusion List prior to engaging their services and, as part of the hiring or contracting process, shall require such Covered Persons to disclose whether they are Ineligible Persons. |
b. | CSI shall screen all current Covered Persons against the Exclusion List within 90 days after the Effective Date and on a monthly basis thereafter. |
c. | CSI shall implement a policy requiring all Covered Persons to disclose immediately if they become an Ineligible Person. |
Nothing in this Section III.H affects CSI’s responsibility to refrain from (and liability for) billing Federal health care programs for items or services furnished, ordered, or prescribed by an excluded person. CSI understands that items or services furnished, ordered, or prescribed by excluded persons are not payable by Federal health care programs and that CSI may be liable for overpayments and/or criminal, civil, and administrative sanctions for employing or contracting with an excluded person regardless of whether CSI meets the requirements of Section III.H.
3. Removal Requirement. If CSI has actual notice that a Covered Person has become an Ineligible Person, CSI shall remove such Covered Person from responsibility for, or involvement with, CSI’s business operations related to the Federal health care program(s) from which such Covered Person has been excluded and shall remove such Covered Person from any position for which the Covered Person’s compensation or the items or services furnished, ordered, or prescribed by the Covered
Cardiovascular Systems, Inc. Corporate Integrity Agreement
11
Person are paid in whole or part, directly or indirectly, by any Federal health care program(s) from which the Covered Person has been excluded at least until such time as the Covered Person is reinstated into participation in such Federal health care program(s).
4. Pending Charges and Proposed Exclusions. If CSI has actual notice that a Covered Person is charged with a criminal offense that falls within the scope of 42 U.S.C. §§ 1320a-7(a), 1320a-7(b)(1)-(3), or is proposed for exclusion during the Covered Person’s employment or contract term, CSI shall take all appropriate actions to ensure that the responsibilities of that Covered Person have not and shall not adversely affect the quality of care rendered to any beneficiary or the accuracy of any claims submitted to any Federal health care program.
I. Notification of Government Investigation or Legal Proceeding
Within 30 days after discovery, CSI shall notify OIG, in writing, of any ongoing investigation or legal proceeding known to CSI conducted or brought by a governmental entity or its agents involving an allegation that CSI has committed a crime or has engaged in fraudulent activities. This notification shall include a description of the allegation, the identity of the investigating or prosecuting agency, and the status of such investigation or legal proceeding. CSI also shall provide written notice to OIG within 30 days after the resolution of the matter and a description of the findings and/or results of the investigation or proceeding, if any.
J. Reportable Events
1. Definition of Reportable Event. For purposes of this CIA, a “Reportable Event” means anything that involves:
a. | a matter that a reasonable person would consider a probable violation of criminal, civil, or administrative laws applicable to any Federal health care program for which penalties or exclusion may be authorized; |
b. | a matter that a reasonable person would consider a probable violation of FDA requirements relating to the promotion of Government Reimbursed Products; |
c. | the employment of or contracting with a Covered Person who is an Ineligible Person as defined by Section III.H.1.a; or |
d. | the filing of a bankruptcy petition by CSI. |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
12
A Reportable Event may be the result of an isolated event or a series of occurrences.
2. Reporting of Reportable Events. If CSI determines (after a reasonable opportunity to conduct an appropriate review or investigation of the allegations) through any means that there is a Reportable Event, CSI shall notify OIG, in writing, within 30 days after making the determination that the Reportable Event exists.
3. Reportable Events under Section III.J.1.a and III.J.1.b. For Reportable Events under Section III.J.1.a and III.J.1.b, the report to OIG shall include:
a. | a complete description of all details relevant to the Reportable Event, including, at a minimum, the types of claims, transactions or other conduct giving rise to the Reportable Event; the period during which the conduct occurred; and the names of individuals and entities believed to be implicated, including an explanation of their roles in the Reportable Event; |
b. | a statement of the Federal criminal, civil or administrative laws or FDA requirements that are probably violated by the Reportable Event, if any; and |
c. | a description of CSI’s actions taken to correct the Reportable Event and prevent it from recurring. |
4. Reportable Events under Section III.J.1.c. For Reportable Events under Section III.J.1.c, the report to OIG shall include:
a. | the identity of the Ineligible Person and the job duties performed by that individual; |
b. | the dates of the Ineligible Person’s employment or contractual relationship; |
c. | a description of the Exclusion List screening that CSI completed before and/or during the Ineligible Person’s employment or contract and any flaw or breakdown in the screening process that led to the hiring or contracting with the Ineligible Person; |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
13
d. | a description of how the Ineligible Person was identified; and |
e | a description of any corrective action implemented to prevent future employment or contracting with an Ineligible Person. |
5. Reportable Events under Section III.J.1.d. For Reportable Events under Section III.J.1.d, the report to OIG shall include documentation of the bankruptcy filing and a description of any Federal health care program requirements implicated.
K. Requirements for Co-Marketing Activities
Within 90 days after the Effective Date, CSI shall establish the processes described in this section. CSI shall establish a process to ensure that a needs assessment has been completed for any Co-Marketing Activities, prior to engaging in such Co-Marketing Activities. The needs assessment shall identify the business need for performing the Co-Marketing Activities and provide details about the Co-Marketing Activities (i.e., information about the type of Co-Marketing Activities and the role and contribution of each HCP or HCI involved in the Co-Marketing Activities). CSI shall establish a process to evaluate the fair market value of such Co-Marketing Activities. CSI shall also establish a process ensuring that all arrangements to engage in Co-Marketing Activities are set forth in a written agreement that describes the scope of work to be performed by all parties to the arrangement, the fees to be paid, and any work product that will be produced.
L. Field Force Monitoring and Review Efforts
Within 90 days after the Effective Date, CSI shall establish a comprehensive Field Force Monitoring Program (FFMP) to evaluate and monitor its field sales personnel’s interactions with Health Care Professionals (HCPs) and Health Care Institutions (HCIs). The FFMP shall be a formalized process designed to directly and indirectly observe the appropriateness of sales personnel’s interactions with HCPs and HCIs and to identify improper conduct. As described in more detail below, the FFMP shall include: (1) direct field observations of sales personnel; and (2) the monitoring and review of other records relating to sales personnel’s interactions with HCPs and HCIs (Records Reviews).
1. Observations. As a component of the FFMP, CSI compliance or other appropriately trained CSI personnel who are independent from the product sales and marketing function (Monitoring Personnel) shall conduct observations of field sales representatives (including any contract sales personnel) to assess whether the messages delivered and materials distributed to HCPs and HCIs are consistent with applicable legal requirements and with CSI's Policies and Procedures. These observations shall be full
Cardiovascular Systems, Inc. Corporate Integrity Agreement
14
day ride-alongs with field sales representatives (Observations), and each Observation shall consist of directly observing all meetings between a field sales representative and HCPs and HCIs during the workday. The Observations shall be scheduled throughout the year, selected by Monitoring Personnel using appropriate criteria, include a review of each therapeutic area and actively promoted product, and be conducted across the United States.
At the completion of each Observation, Monitoring Personnel shall prepare a report which includes:
1) | the identity of the field sales representative; |
2) | the identity of the Monitoring Personnel who conducted the Observation; |
3) | the date and duration of the Observation; |
4) | the Government Reimbursed Product(s) promoted during the Observation; |
5) | an overall assessment of compliance with CSI's Policies and Procedures; and |
6) | the identification of any potential improper conduct by the field sales representative. |
Monitoring Personnel shall conduct Observations of 10% of the field sales representatives employed during each Reporting Period, or at least 20 field sales representatives, whichever is greater, during each Reporting Period.
2. Records Reviews. As a component of the FFMP, CSI shall also review various types of records to assess field sales representatives’ interactions with HCPs and HCIs and to identify potential or actual compliance violations. For each Reporting Period, CSI shall develop and implement a plan for conducting Records Reviews associated with one Government Reimbursed Product. The Records Reviews shall include a review of records relating to the activities of field sales representatives in every separate district and/or region (as applicable) who promoted the Government Reimbursed Product under review.
These Records Reviews shall include the monitoring and review of (1) records and systems associated with field sales representatives’ interactions with HCPs (including records relating to Co-Marketing Activities, consulting arrangements, travel and entertainment, expense reports, any payments to HCPs, and sales communications from managers); (2) field sales representative notes or other records from sales calls with HCPs, (3) field sales representative emails and other electronic records, and (4) recorded
Cardiovascular Systems, Inc. Corporate Integrity Agreement
15
results of the Observations of field sales representatives, coaching guides, and manager notes.
3. Reporting and Follow-up. Monitoring Personnel shall have access to all relevant records and information necessary to assess field sales representatives’ interactions with HCPs and HCIs and to identify potential or actual compliance violations. Results from the FFMP shall be compiled and reported to the Compliance Officer for review and remediation as appropriate. Potential violations of Federal health care program or FDA requirements shall be reported to the Compliance Officer for appropriate follow-up activity. In the event that a compliance issue, including but not limited to any potential improper promotion or noncompliance with CSI’s Policies and Procedures or legal or compliance requirements, is identified during any portion of the FFMP, CSI shall investigate the incident consistent with established Policies and Procedures for the handling of investigations. As part of the investigative procedures, findings shall be made and all necessary and appropriate responsive action (including disciplinary action) and corrective action shall be taken, including the disclosure of Reportable Events pursuant to Section III.J above, as applicable. Any compliance issues identified during the FFMP and any corrective action shall be recorded in the files of the Compliance Officer.
CSI shall include a summary of the FFMP and the results of the FFMP as part of each Annual Report. As part of each Annual Report, CSI also shall provide the OIG with copies of the Observation report for any instances in which it was determined that improper promotion occurred and a description of the action(s) that CSI took as a result of such determinations. CSI shall make the Observation reports for all other Observations available to the OIG upon request.
M. Reporting of Physician Payments.
1. Reporting of Payment Information. Within 90 days after the Effective Date, CSI shall post on its website a description of the types of Payments it makes to Covered Recipients and include a link to the Centers for Medicare & Medicaid Services (CMS) Open Payments Data website (www.cms.gov/openpayments). CSI also shall include on its website instructions regarding how to utilize the CMS Open Payments Data search tool to search for information regarding Payments provided to Covered Recipients from CSI.
2. Definitions. For purposes of this Section III.M, the terms “Payments” and “Covered Recipient” are defined as specified in 42 U.S.C. § 1320a-7h and the related regulations and guidance (including FAQs) published by CMS.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
16
IV. | SUCCESSOR LIABILITY |
In the event that, after the Effective Date, CSI proposes to (a) sell any or all of its business, business units, or locations (whether through a sale of assets, sale of stock, or other type of transaction) relating to the furnishing of items or services that may be reimbursed by a Federal health care program, or (b) purchase or establish a new business, business unit, or location relating to the furnishing of items or services that may be reimbursed by a Federal health care program, the CIA shall be binding on the purchaser of any business, business unit, or location and any new business, business unit, or location (and all Covered Persons at each new business, business unit, or location) shall be subject to the applicable requirements of this CIA, unless otherwise determined and agreed to in writing by OIG.
If, in advance of a proposed sale or a proposed purchase, CSI wishes to obtain a determination by OIG that the proposed purchaser or the proposed acquisition will not be subject to the requirements of the CIA, CSI must notify OIG in writing of the proposed sale or purchase at least 30 days in advance. This notification shall include a description of the business, business unit, or location to be sold or purchased, a brief description of the terms of the transaction and, in the case of a proposed sale, the name and contact information of the prospective purchaser.
V. IMPLEMENTATION AND ANNUAL REPORTS
A. Implementation Report
Within 120 days after the Effective Date, CSI shall submit a written report to OIG summarizing the status of its implementation of the requirements of this CIA (Implementation Report). The Implementation Report shall, at a minimum, include:
1. the name, address, phone number, and position description of the Compliance Officer required by Section III.A.1, and a summary of other noncompliance job responsibilities the Compliance Officer may have;
2. the names and positions of the members of the Compliance Committee required by Section III.A.2;
3. the names of the Board members who are responsible for satisfying the Board of Directors compliance obligations described in Section III.A.3;
4. the names and positions of the Certifying Employees required by Section III.A.4 and a copy of the written process for Certifying Employees;
Cardiovascular Systems, Inc. Corporate Integrity Agreement
17
5. a list of the Policies and Procedures required by Section III.B;
6. the Training Plan required by Section III.C.1 and a description of the Board of Directors training required by Section III.C.2 (including a summary of the topics covered, the length of the training, and when the training was provided);
7. the processes for an annual budgeting plan and needs assessment for Consulting Activities required by Section III.D;
8. the following information regarding the IRO(s): (a) identity, address, and phone number; (b) a copy of the engagement letter; (c) information to demonstrate that the IRO has the qualifications outlined in Appendix A to this CIA; and (d) a certification from the IRO regarding its professional independence and objectivity with respect to CSI;
9. a description of the risk assessment and internal review process required by Section III.F;
10. a description of the Disclosure Program required by Section III.G;
11. a description of the Ineligible Persons screening and removal process required by Section III.H;
12. a summary of the policies and procedures relating to Co-Marketing Activities implemented by CSI pursuant to Section III.K;
13. a copy of the Policies and Procedures for the FFMP required by Section III.L;
14. a certification from the Compliance Officer that the information regarding Payments and the link to CMS’s Open Payments Data website has been posted on CSI’s website as required by Section III.M;
15. a list of all of CSI’s locations (including locations and mailing addresses) and the corresponding name under which each location is doing business;
16. a description of CSI’s corporate structure, including identification of any parent and sister companies, subsidiaries, and their respective lines of business; and
17. the certifications required by Section V.C.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
18
B. Annual Reports
CSI shall submit to OIG a report on its compliance with the CIA requirements for each of the five Reporting Periods (Annual Report). Each Annual Report shall include, at a minimum, the following information:
1. any change in the identity, position description, or other noncompliance job responsibilities of the Compliance Officer; a current list of the Compliance Committee members, a current list of the Board members who are responsible for satisfying the Board of Directors compliance obligations, and a current list of the Certifying Employees;
2. the dates of each report made by the Compliance Officer to the Board (written documentation of such reports shall be made available to OIG upon request);
3. the Board resolution required by Section III.A.3 and a description of the documents and other materials reviewed by the Board, as well as any additional steps taken, in its oversight of the compliance program and in support of making the resolution;
4. a list of any new or revised Policies and Procedures developed during the Reporting Period;
5. a description of any changes to CSI’s Training Plan developed pursuant to Section III.C, and a summary of any Board of Directors training provided during the Reporting Period;
6. a description of any changes to the annual budgeting plan and need assessments processes for Consulting Activities required by Section III.D, including the reasons for such changes
7. a complete copy of all reports prepared pursuant to Section III.E and CSI’s response to the reports, along with corrective action plan(s) related to any issues raised by the reports;
8. a certification from the IRO regarding its professional independence and objectivity with respect to CSI;
9. a description of any changes to the risk assessment and internal review process required by Section III.F, including the reasons for such changes;
Cardiovascular Systems, Inc. Corporate Integrity Agreement
19
10. a summary of the following components of the risk assessment and internal review process during the Reporting Period as required by Section III.F: work plans developed, internal audits performed, corrective action plans developed in response to internal audits, and steps taken to track the implementation of the corrective action plans. Copies of any work plans, internal audit reports, and corrective action plans shall be made available to OIG upon request;
11. a summary of the disclosures in the disclosure log required by Section III.G that relate to Federal health care programs, including at least the following information: a description of the disclosure, the date the disclosure was received, the resolution of the disclosure, and the date the disclosure was resolved (if applicable). The complete disclosure log shall be made available to OIG upon request;
12. a description of any changes to the Ineligible Persons screening and removal process required by Section III.H, including the reasons for such changes;
13. a summary describing any ongoing investigation or legal proceeding required to have been reported pursuant to Section III.I. The summary shall include a description of the allegation, the identity of the investigating or prosecuting agency, and the status of such investigation or legal proceeding;
14. a summary of Reportable Events (as defined in Section III.J) identified during the Reporting Period;
15. a description of any changes to the Co-Marketing Activities process required by Section III.K, including the reasons for such changes;
16. a summary of the FFMP and the results of the FFMP required by Section III.L, including copies of the Observations for any instances in which it was determined that improper promotion occurred and a description of the action(s) that CSI took as a result of such determinations;
17. a certification from the Compliance Officer that the information regarding Payments has been posted on CSI’s website as required by Section III.M;
18. a description of all changes to the most recently provided list of CSI’s locations as required by Section V.A.15; and
19. the certifications required by Section V.C.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
20
The first Annual Report shall be received by OIG no later than 60 days after the end of the first Reporting Period. Subsequent Annual Reports shall be received by OIG no later than the anniversary date of the due date of the first Annual Report.
C. Certifications
1. Certifying Employees. In each Annual Report, CSI shall include the certifications of Certifying Employees required by Section III.A.4;
2. Compliance Officer and Chief Executive Officer. The Implementation Report and each Annual Report shall include a certification by the Compliance Officer and Chief Executive Officer that:
a. | to the best of his or her knowledge, except as otherwise described in the report, CSI has implemented and is in compliance with all of the requirements of this CIA; and |
b. | he or she has reviewed the report and has made reasonable inquiry regarding its content and believes that the information in the report is accurate and truthful. |
3. Chief Financial Officer. The first Annual Report shall include a certification by the Chief Financial Officer that, to the best of his or her knowledge, CSI has complied with its obligations under the Settlement Agreement: (a) not to resubmit to any Federal health care program payors any previously denied claims related to the Covered Conduct addressed in the Settlement Agreement, and not to appeal any such denials of claims; (b) not to charge to or otherwise seek payment from federal or state payors for unallowable costs (as defined in the Settlement Agreement); and (c) to identify and adjust any past charges or claims for unallowable costs.
D.Designation of Information
CSI shall clearly identify any portions of its submissions that it believes are trade secrets, or information that is commercial or financial and privileged or confidential, and therefore potentially exempt from disclosure under the Freedom of Information Act (FOIA), 5 U.S.C. § 552. CSI shall refrain from identifying any information as exempt from disclosure if that information does not meet the criteria for exemption from disclosure under FOIA.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
21
VI. NOTIFICATIONS AND SUBMISSION OF REPORTS
Unless otherwise stated in writing after the Effective Date, all notifications and reports required under this CIA shall be submitted to the following entities:
OIG:
Administrative and Civil Remedies Branch
Office of Counsel to the Inspector General
Office of Inspector General
U.S. Department of Health and Human Services
Cohen Building, Room 5527
330 Independence Avenue, S.W.
Washington, DC 20201
Telephone: 202 ###-###-####
Facsimile: 202 ###-###-####
CSI:
Compliance Officer
Cardiovascular Systems, Inc.
1225 Old Highway 8 NW
St. Paul, MN 55112
Telephone: 651 ###-###-####
Facsimile: 612 ###-###-####
Unless otherwise specified, all notifications and reports required by this CIA shall be made by electronic mail, overnight mail, hand delivery, or other means, provided that there is proof that such notification was received. Upon request by OIG, CSI may be required to provide OIG with an electronic copy of each notification or report required by this CIA in addition to a paper copy.
VII. OIG INSPECTION, AUDIT, AND REVIEW RIGHTS
In addition to any other rights OIG may have by statute, regulation, or contract, OIG or its duly authorized representative(s) may conduct interviews, examine and/or request copies of or copy CSI’s books, records, and other documents and supporting materials, and conduct on-site reviews of any of CSI’s locations, for the purpose of verifying and evaluating: (a) CSI’s compliance with the terms of this CIA and (b) CSI’s compliance with the requirements of the Federal health care programs and all applicable FDA requirements. The documentation described above shall be made available by CSI
Cardiovascular Systems, Inc. Corporate Integrity Agreement
22
to OIG or its duly authorized representative(s) at all reasonable times for inspection, audit, and/or reproduction. Furthermore, for purposes of this provision, OIG or its duly authorized representative(s) may interview any of CSI’s owners who are natural persons (other than (i) shareholders who: (1) have an ownership interest of less than 5% and (2) acquired the ownership interest through public trading, and (ii) shareholders who have an ownership interest of less than 5% of the common stock of CSI and who acquired that interest as compensation for services to CSI, or as a stock grant or through the issuance of stock under a CSI stock plan approved by CSI’s shareholders), employees, contractors, and directors who consent to be interviewed at the individual’s place of business during normal business hours or at such other place and time as may be mutually agreed upon between the individual and OIG. CSI shall assist OIG or its duly authorized representative(s) in contacting and arranging interviews with such individuals upon OIG’s request. CSI’s owners, employees, contractors, and directors may elect to be interviewed with or without a representative of CSI present.
VIII. DOCUMENT AND RECORD RETENTION
CSI shall maintain for inspection all documents and records relating to reimbursement from the Federal health care programs and to compliance with this CIA for six years (or longer if otherwise required by law) from the Effective Date.
IX. DISCLOSURES
Consistent with HHS’s FOIA procedures, set forth in 45 C.F.R. Part 5, OIG shall make a reasonable effort to notify CSI prior to any release by OIG of information submitted by CSI pursuant to its obligations under this CIA and identified upon submission by CSI as trade secrets, or information that is commercial or financial and privileged or confidential, under the FOIA rules. With respect to such releases, CSI shall have the rights set forth at 45 C.F.R. § 5.65(d).
X. BREACH AND DEFAULT PROVISIONS
CSI is expected to fully and timely comply with all of its CIA obligations.
A. Stipulated Penalties for Failure to Comply with Certain Obligations
As a contractual remedy, CSI and OIG hereby agree that failure to comply with certain obligations as set forth in this CIA may lead to the imposition of the following monetary penalties (hereinafter referred to as “Stipulated Penalties”) in accordance with the following provisions.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
23
1. A Stipulated Penalty of $2,500 (which shall begin to accrue on the day after the date the obligation became due) for each day CSI fails to establish, implement or comply with any of the following obligations as described in Section III:
a. | a Compliance Officer; |
b. | a Compliance Committee; |
c. | the Board of Directors compliance obligations; |
d. | the management certification obligations; |
e. | written Policies and Procedures; |
f. | training and education of Covered Persons and members of the Board; |
g. | annual budget plan and needs assessment processes for Consulting Activities; |
h. | a risk assessment and internal review process; |
i. | a Disclosure Program; |
j. | Ineligible Persons screening and removal requirements; |
k. | notification of Government investigations or legal proceedings; |
l. | the Field Force Monitoring Program; |
m. | reporting of Reportable Events; |
n. | Co-Marketing Activities Requirements; and |
o. | Reporting of Physician Payments requirements. |
2. A Stipulated Penalty of $2,500 (which shall begin to accrue on the day after the date the obligation became due) for each day CSI fails to engage and use an IRO, as required by Section III.E, Appendix A, or Appendix B.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
24
3. A Stipulated Penalty of $2,500 (which shall begin to accrue on the day after the date the obligation became due) for each day CSI fails to submit a complete Implementation Report, Annual Report or any certification to OIG in accordance with the requirements of Section V by the deadlines for submission.
4. A Stipulated Penalty of $2,500 (which shall begin to accrue on the day after the date the obligation became due) for each day CSI fails to submit any Systems Review Report or Transactions Review Report in accordance with the requirements of Section III.E and Appendix B.
5. A Stipulated Penalty of $1,500 for each day CSI fails to grant access as required in Section VII. (This Stipulated Penalty shall begin to accrue on the date CSI fails to grant access.)
6. A Stipulated Penalty of $50,000 for each false certification submitted by or on behalf of CSI as part of its Implementation Report, any Annual Report, additional documentation to a report (as requested by the OIG), or otherwise required by this CIA.
7. A Stipulated Penalty of $1,000 for each day CSI fails to comply fully and adequately with any obligation of this CIA. OIG shall provide notice to CSI stating the specific grounds for its determination that CSI has failed to comply fully and adequately with the CIA obligation(s) at issue and steps CSI shall take to comply with the CIA. (This Stipulated Penalty shall begin to accrue 10 days after the date CSI receives this notice from OIG of the failure to comply.) A Stipulated Penalty as described in this Subsection shall not be demanded for any violation for which OIG has sought a Stipulated Penalty under Subsections 1- 6 of this Section.
B. Timely Written Requests for Extensions
CSI may, in advance of the due date, submit a timely written request for an extension of time to perform any act or file any notification or report required by this CIA. Notwithstanding any other provision in this Section, if OIG grants the timely written request with respect to an act, notification, or report, Stipulated Penalties for failure to perform the act or file the notification or report shall not begin to accrue until one day after CSI fails to meet the revised deadline set by OIG. Notwithstanding any other provision in this Section, if OIG denies such a timely written request, Stipulated Penalties for failure to perform the act or file the notification or report shall not begin to accrue until three days after CSI receives OIG’s written denial of such request or the original due date, whichever is later. A “timely written request” is defined as a request in
Cardiovascular Systems, Inc. Corporate Integrity Agreement
25
writing received by OIG at least five days prior to the date by which any act is due to be performed or any notification or report is due to be filed.
C. Payment of Stipulated Penalties
1. Demand Letter. Upon a finding that CSI has failed to comply with any of the obligations described in Section X.A and after determining that Stipulated Penalties are appropriate, OIG shall notify CSI of: (a) CSI’s failure to comply; and (b) OIG’s exercise of its contractual right to demand payment of the Stipulated Penalties. (This notification shall be referred to as the “Demand Letter.”)
2. Response to Demand Letter. Within 10 days after the receipt of the Demand Letter, CSI shall either: (a) cure the breach to OIG’s satisfaction and pay the applicable Stipulated Penalties or (b) request a hearing before an HHS administrative law judge (ALJ) to dispute OIG’s determination of noncompliance, pursuant to the agreed upon provisions set forth below in Section X.E. In the event CSI elects to request an ALJ hearing, the Stipulated Penalties shall continue to accrue until CSI cures, to OIG’s satisfaction, the alleged breach in dispute. Failure to respond to the Demand Letter in one of these two manners within the allowed time period shall be considered a material breach of this CIA and shall be grounds for exclusion under Section X.D.
3. Form of Payment. Payment of the Stipulated Penalties shall be made by electronic funds transfer to an account specified by OIG in the Demand Letter.
4. Independence from Material Breach Determination. Except as set forth in Section X.D.1.c, these provisions for payment of Stipulated Penalties shall not affect or otherwise set a standard for OIG’s decision that CSI has materially breached this CIA, which decision shall be made at OIG’s discretion and shall be governed by the provisions in Section X.D, below.
D. Exclusion for Material Breach of this CIA
1. Definition of Material Breach. A material breach of this CIA means:
a. | repeated violations or a flagrant violation of any of the obligations under this CIA, including, but not limited to, the obligations addressed in Section X.A; |
b. | a failure by CSI to report a Reportable Event, take corrective action, or make the appropriate refunds, as required in Section III.J; |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
26
c. | a failure to respond to a Demand Letter concerning the payment of Stipulated Penalties in accordance with Section X.C; or |
d. | a failure to engage and use an IRO in accordance with Section III.E, Appendix A, or Appendix B. |
2. Notice of Material Breach and Intent to Exclude. The parties agree that a material breach of this CIA by CSI constitutes an independent basis for CSI’s exclusion from participation in the Federal health care programs. The length of the exclusion shall be in the OIG’s discretion, but not more than five years per material breach. Upon a determination by OIG that CSI has materially breached this CIA and that exclusion is the appropriate remedy, OIG shall notify CSI of: (a) CSI’s material breach; and (b) OIG’s intent to exercise its contractual right to impose exclusion. (This notification shall be referred to as the “Notice of Material Breach and Intent to Exclude.”)
3. Opportunity to Cure. CSI shall have 30 days from the date of receipt of the Notice of Material Breach and Intent to Exclude to demonstrate that:
a. | the alleged material breach has been cured; or |
b. | the alleged material breach cannot be cured within the 30 day period, but that: (i) CSI has begun to take action to cure the material breach; (ii) CSI is pursuing such action with due diligence; and (iii) CSI has provided to OIG a reasonable timetable for curing the material breach. |
4. Exclusion Letter. If, at the conclusion of the 30 day period, CSI fails to satisfy the requirements of Section X.D.3, OIG may exclude CSI from participation in the Federal health care programs. OIG shall notify CSI in writing of its determination to exclude CSI. (This letter shall be referred to as the “Exclusion Letter.”) Subject to the Dispute Resolution provisions in Section X.E, below, the exclusion shall go into effect 30 days after the date of CSI’s receipt of the Exclusion Letter. The exclusion shall have national effect. Reinstatement to program participation is not automatic. At the end of the period of exclusion, CSI may apply for reinstatement by submitting a written request for reinstatement in accordance with the provisions at 42 C.F.R. §§ 1001.3001-.3004.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
27
E. Dispute Resolution
1. Review Rights. Upon OIG’s delivery to CSI of its Demand Letter or of its Exclusion Letter, and as an agreed-upon contractual remedy for the resolution of disputes arising under this CIA, CSI shall be afforded certain review rights comparable to the ones that are provided in 42 U.S.C. § 1320a-7(f) and 42 C.F.R. Part 1005 as if they applied to the Stipulated Penalties or exclusion sought pursuant to this CIA. Specifically, OIG’s determination to demand payment of Stipulated Penalties or to seek exclusion shall be subject to review by an HHS ALJ and, in the event of an appeal, the HHS Departmental Appeals Board (DAB), in a manner consistent with the provisions in 42 C.F.R. § 1005.2-1005.21. Notwithstanding the language in 42 C.F.R. § 1005.2(c), the request for a hearing involving Stipulated Penalties shall be made within 10 days after receipt of the Demand Letter and the request for a hearing involving exclusion shall be made within 25 days after receipt of the Exclusion Letter. The procedures relating to the filing of a request for a hearing can be found at http://www.hhs.gov/dab/divisions/civil/procedures/divisionprocedures.html
2. Stipulated Penalties Review. Notwithstanding any provision of Title 42 of the United States Code or Title 42 of the Code of Federal Regulations, the only issues in a proceeding for Stipulated Penalties under this CIA shall be: (a) whether CSI was in full and timely compliance with the obligations of this CIA for which OIG demands payment; and (b) the period of noncompliance. CSI shall have the burden of proving its full and timely compliance and the steps taken to cure the noncompliance, if any. OIG shall not have the right to appeal to the DAB an adverse ALJ decision related to Stipulated Penalties. If the ALJ agrees with OIG with regard to a finding of a breach of this CIA and orders CSI to pay Stipulated Penalties, such Stipulated Penalties shall become due and payable 20 days after the ALJ issues such a decision unless CSI requests review of the ALJ decision by the DAB. If the ALJ decision is properly appealed to the DAB and the DAB upholds the determination of OIG, the Stipulated Penalties shall become due and payable 20 days after the DAB issues its decision.
3. Exclusion Review. Notwithstanding any provision of Title 42 of the United States Code or Title 42 of the Code of Federal Regulations, the only issues in a proceeding for exclusion based on a material breach of this CIA shall be whether CSI was in material breach of this CIA and, if so, whether:
a. | CSI cured such breach within 30 days of its receipt of the Notice of Material Breach; or |
b. | the alleged material breach could not have been cured within the 30 day period, but that, during the 30 day period |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
28
following CSI’s receipt of the Notice of Material Breach: (i) CSI had begun to take action to cure the material breach; (ii) CSI pursued such action with due diligence; and (iii) CSI provided to OIG a reasonable timetable for curing the material breach.
For purposes of the exclusion herein, exclusion shall take effect only after an ALJ decision favorable to OIG, or, if the ALJ rules for CSI, only after a DAB decision in favor of OIG. CSI’s election of its contractual right to appeal to the DAB shall not abrogate OIG’s authority to exclude CSI upon the issuance of an ALJ’s decision in favor of OIG. If the ALJ sustains the determination of OIG and determines that exclusion is authorized, such exclusion shall take effect 20 days after the ALJ issues such a decision, notwithstanding that CSI may request review of the ALJ decision by the DAB. If the DAB finds in favor of OIG after an ALJ decision adverse to OIG, the exclusion shall take effect 20 days after the DAB decision. CSI shall waive its right to any notice of such an exclusion if a decision upholding the exclusion is rendered by the ALJ or DAB. If the DAB finds in favor of CSI, CSI shall be reinstated effective on the date of the original exclusion.
4. Finality of Decision. The review by an ALJ or DAB provided for above shall not be considered to be an appeal right arising under any statutes or regulations. Consequently, the parties to this CIA agree that the DAB’s decision (or the ALJ’s decision if not appealed) shall be considered final for all purposes under this CIA.
XI. EFFECTIVE AND BINDING AGREEMENT
CSI and OIG agree as follows:
A. This CIA shall become final and binding on the date the final signature is obtained on the CIA.
B. This CIA constitutes the complete agreement between the parties and may not be amended except by written consent of the parties to this CIA.
C. OIG may agree to a suspension of CSI’s obligations under this CIA based on a certification by CSI that it is no longer providing health care items or services that will be billed to any Federal health care program and it does not have any ownership or control interest, as defined in 42 U.S.C. §1320a-3, in any entity that bills any Federal health care program. If CSI is relieved of its CIA obligations, CSI shall be required to notify OIG in writing at least 30 days in advance if CSI plans to resume providing health care items or services that are billed to any Federal health care program or to obtain an
Cardiovascular Systems, Inc. Corporate Integrity Agreement
29
ownership or control interest in any entity that bills any Federal health care program. At such time, OIG shall evaluate whether the CIA will be reactivated or modified.
D. All requirements and remedies set forth in this CIA are in addition to and do not affect (1) CSI’s responsibility to follow all applicable Federal health care program requirements or (2) the government’s right to impose appropriate remedies for failure to follow applicable Federal health care program requirements.
E. The undersigned CSI signatories represent and warrant that they are authorized to execute this CIA. The undersigned OIG signatories represent that they are signing this CIA in their official capacities and that they are authorized to execute this CIA.
F. This CIA may be executed in counterparts, each of which constitutes an original and all of which constitute one and the same CIA. Electronically-transmitted copies of signatures shall constitute acceptable, binding signatures for purposes of this CIA.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
30
ON BEHALF OF CARDIOVASCULAR SYSTEMS, INC.
_/s/ Scott Ward____________________ __6/28/16___________________
SCOTT WARD DATE
Chairman of the Board, Interim Chief
Executive Officer and President
_/s/ Michael Loucks________________ __6/28/16___________________
MICHAEL K. LOUCKS DATE
Skadden, Arps, Slate, Meagher & Flom, LLP
Counsel to Cardiovascular Systems, Inc.
Cardiovascular Systems, Inc. Corporate Integrity Agreement
31
ON BEHALF OF THE OFFICE OF INSPECTOR GENERAL
OF THE DEPARTMENT OF HEALTH AND HUMAN SERVICES
__/s/ Robert K. Deconti______________ ____6/23/16____________
ROBERT K. DECONTI DATE
Assistant Inspector General for Legal Affairs
Office of Inspector General
U.S. Department of Health and Human Services
_/s/ Laura E. Ellis________________________ _____6/24/16___________
LAURA E. ELLIS DATE
Senior Counsel
APPENDIX A
INDEPENDENT REVIEW ORGANIZATION
This Appendix contains the requirements relating to the Independent Review Organization (IRO) required by Section III.E of the CIA.
A. IRO Engagement
1. CSI shall engage an IRO that possesses the qualifications set forth in Paragraph B, below, to perform the responsibilities in Paragraph C, below. The IRO shall conduct the review in a professionally independent and objective fashion, as set forth in Paragraph D. Within 30 days after OIG receives the information identified in Section V.A.8 of the CIA or any additional information submitted by CSI in response to a request by OIG, whichever is later, OIG will notify CSI if the IRO is unacceptable. Absent notification from OIG that the IRO is unacceptable, CSI may continue to engage the IRO.
2. If CSI engages a new IRO during the term of the CIA, this IRO shall also meet the requirements of this Appendix. If a new IRO is engaged, CSI shall submit the information identified in Section V.A.8 of the CIA to OIG within 30 days of engagement of the IRO. Within 30 days after OIG receives this information or any additional information submitted by CSI at the request of OIG, whichever is later, OIG will notify CSI if the IRO is unacceptable. Absent notification from OIG that the IRO is unacceptable, CSI may continue to engage the IRO.
B. IRO Qualifications
The IRO shall:
1.assign individuals to conduct the IRO Reviews who have expertise in the medical device industry and have expertise in all applicable Federal health care program and FDA requirements relating to Covered Functions, including but not limited to the Federal Anti-Kickback Statute (codified at 42 U.S.C. § 1320a-7b(b)). The assigned individuals shall also be knowledgeable about the general requirements of the Federal health care program(s) under which Government Reimbursed Products are reimbursed;
2.assign individuals to design and select the samples for the Transactions Reviews who are knowledgeable about the appropriate statistical sampling techniques; and
3.have sufficient staff and resources to conduct the reviews required by the CIA on a timely basis.
C. IRO Responsibilities
The IRO shall:
1. perform each IRO Review in accordance with the specific requirements of the CIA;
2. follow all applicable Federal health care program and FDA requirements in making assessments in each IRO Review;
3. respond to all OIG inquires in a prompt, objective, and factual manner; and
4. prepare timely, clear, well-written reports that include all the information required by Appendix B to the CIA.
D. IRO Independence and Objectivity
The IRO must perform each IRO Review in a professionally independent and objective fashion, as defined in the most recent Government Auditing Standards issued by the United States Government Accountability Office.
E. IRO Removal/Termination
1. CSI and IRO. If CSI terminates its IRO or if the IRO withdraws from the engagement during the term of the CIA, CSI must submit a notice explaining its reasons for termination or the reason for withdrawal to OIG no later than 30 days after termination or withdrawal. CSI must engage a new IRO in accordance with Paragraph A of this Appendix and within 60 days of termination or withdrawal of the IRO.
2. OIG Removal of IRO. In the event OIG has reason to believe the IRO does not possess the qualifications described in Paragraph B, is not independent and objective as set forth in Paragraph D, or has failed to carry out its responsibilities as described in Paragraph C, OIG shall notify CSI in writing regarding OIG’s basis for determining that the IRO has not met the requirements of this Appendix. CSI shall have 30 days from the date of OIG’s written notice to provide information regarding the IRO’s qualifications, independence or performance of its responsibilities in order to resolve the concerns identified by OIG. If, following OIG’s review of any information provided by CSI regarding the IRO, OIG determines that the IRO has not met the requirements of this Appendix, OIG shall notify CSI in writing that CSI shall be required to engage a new IRO in accordance with Paragraph A of this Appendix. CSI must engage a new IRO within 60 days of its receipt of OIG’s written notice. The final determination as to whether or not to require CSI to engage a new IRO shall be made at the sole discretion of OIG.
APPENDIX B
IRO REVIEWS
A. IRO Engagement, General Description
As specified more fully below, CSI shall retain an IRO to perform engagements to assist CSI in assessing and evaluating certain of its systems, processes, policies, and procedures related to CSI’s Covered Functions (IRO Review). The IRO Review shall consist of two components - a systems review (Systems Review) and a transactions review (Transactions Review) as described more fully below. CSI may engage, at its discretion, a single entity to perform both components of the IRO Review, provided that the entity has the necessary expertise and capabilities to perform both.
If there are no material changes in CSI’s systems, processes, policies, and procedures relating to Covered Functions, the IRO shall perform the Systems Review of certain systems, processes, policies and procedures relating to Covered Functions (as set forth below) for the second and fourth Reporting Periods. If CSI materially changes its systems, processes, policies, and procedures relating to Covered Functions, the IRO shall perform a Systems Review for the Reporting Period(s) in which such changes were made in addition to conducting the Review as set forth above. The additional Systems Review(s) shall consist of: (1) an identification of the material changes, and (2) a review of the systems, processes, policies, and procedures that materially changed.
The IRO shall conduct the Transactions Review for each Reporting Period of the CIA.
B. IRO Systems Review
The Systems Review shall be a review of CSI’s systems, processes, policies, and procedures (including the controls on those systems, processes, policies, and procedures) relating to Covered Functions. More specifically, the IRO shall review CSI’s systems, processes, policies, and procedures associated with the following (hereafter “Reviewed Policies and Procedures”):
1. Co-Marketing Activities, as defined in Section II.G of the CIA, and any and all events and expenses relating to any such activity;
2. Consulting Activities, as defined in Section II.H of the CIA and all events and expenses relating to such engagements or arrangements;
3. Funding of grants (including CME and non-CME third party educational activities, research and “in-kind” grants) and healthcare-related charitable contributions;
4. Review and approval of travel and related expenses for HCPs including those in connection with HCPs’ participation in educational, research, or other CSI-sponsored programs or activities;
5. Identification, tracking, and reporting to the CMS of Payments pursuant to Section 6002 of the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010, and the related regulations and guidance (including FAQs) published by CMS;
6. Materials and information about Government Reimbursed Products that may be distributed by CSI sales representatives (including any contract sales representatives) and materials or information that may be distributed or made available by CSI through social media and/or direct-to-consumer advertising, including CSI’s internal review and approval of such materials and information;
7. Funding of, or participation in, Third Party Educational Activity, as defined in Section II.F of the CIA, and any and all events and expenses relating to any such activity.
C. IRO Systems Review Report
The IRO shall prepare a report based upon each Systems Review performed. For each of the Reviewed Policies and Procedures identified in Section B above, the report shall include the following items:
1. a description of the documentation (including policies) reviewed and any personnel interviewed;
2. a detailed description of CSI’s systems, policies, processes, and procedures relating to the items identified in Sections B.1-7 above, including a general description of CSI’s control and accountability systems (e.g., documentation and approval requirements, and tracking mechanisms) and written policies regarding the Reviewed Policies and Procedures;
3. a description of the manner in which the control and accountability systems and the written policies relating to the items identified in Sections B.1-7 above are made known or disseminated within CSI;
4. findings and supporting rationale regarding any weaknesses in CSI’s systems, processes, policies, and procedures relating to the Reviewed Policies and Procedures, if any; and
5. recommendations to improve any of the systems, policies, processes, or procedures relating to the Reviewed Policies and Procedures, if any.
D. IRO Transactions Review
The Transactions Review shall include a review of: (1) a sample of Co-Marketing Activity agreements, and (2) a sample of Consulting Activities. The IRO shall report on all aspects of its reviews in the Transactions Review Report.
1. Review of Co-Marketing Activities. The IRO shall review 10% of HCPs and HCIs with Co-Marketing Activity agreements, or at least 20 HCPs and HCIs with Co-Marketing Activity agreements, whichever is greater. The IRO shall select its sample of HCPs and HCIs with Co-Marketing Activity agreements for review in consultation with OIG after CSI provides the IRO and the OIG with the name and NPI number of each HCP or HCI with which CSI has a Co-Marketing Activity agreement.
For each Co-Marketing Activity agreement that the HCP or HCI being reviewed has with CSI, the IRO shall determine:
a. | How CSI determined the business need for performing Co-Marketing Activities with the HCP(s) and HCI(s); |
b. | How the targets or audience of each Co-Marketing Activity were selected and by whom; |
c. | The contributions of each party to each Co-Marketing Activity, and the financial value of those contributions; |
d. | How CSI determined that each party was contributing and receiving fair market value to the Co-Marketing Activities; |
e. | That the Co-Marketing Activity agreement was reviewed and approved in accordance with CSI's Policies and Procedures; and |
f. | That CSI collected and retained records of the activities of each party to the Co-Marketing Activity agreement. |
2. Review of Consulting Activities. The IRO shall select and review a sample of 10% of Consulting Activity arrangements, or at least 20 Consulting Activity arrangements, whichever is greater, entered into during the Reporting Period with HCPs and HCIs and all related expenses. Prior to the determination of the number of each type of Consulting Activity to be reviewed CSI shall provide the following information to the OIG: 1) a description of each type of Consulting Activity undertaken during the Reporting Period and a description of the services to be provided under each Consulting Activity; 2) the number of each type of Consulting Activity undertaken during the Reporting Period; and 3) the overall budgeted amount to be spent in connection with each type of Consulting Activity during the Reporting Period. The IRO shall select its sample of Consulting Activities for review in consultation with OIG after the provision of information about the Consulting Activities to the OIG.
For each Consulting Activity reviewed the IRO shall determine whether:
a. a written agreement was in place for each Consulting Activity that describes the scope of work to be performed, the fees and related expenses to be paid for the Consulting Activity, and the compliance obligations for the Consultant;
b. the compensation to be paid for the Consulting Activity was determined in accordance with a centrally managed, pre-set rate structure established by CSI;
c. the rate structure was established based on a fair market value analysis conducted by CSI;
d. the Consulting Activity was identified in the annual Consultant budgeting plan developed by CSI;
e. a needs assessment that identifies the business need for the Consulting Activity and provides details about the Consulting Activity was completed prior to the initiation of the Consulting Activity;
f. the Consulting Activity was reviewed and approved in accordance with CSI's Policies and Procedures;
g. CSI collected and retained a record of the specific activity performed by the HCP and, if applicable, a copy of the work product generated by the HCP in connection with the Consulting Activity; and
h. the activity undertaken by the Consultant and/or the work product generated by the HCP was used by CSI in a manner consistent with the needs assessment that was completed prior to the initiation of the Consulting Activity.
3. OIG Review of Proposed Work Plan. At least 30 days prior to the end of each Reporting Period, the IRO shall submit to OIG a work plan outlining the methodology for each element of the Transactions Review described above. The OIG shall have 30 days to provide any comments regarding the work plan; if no comments are provided, the IRO may proceed with the work plan as proposed.
E. Transactions Review Report
For each Reporting Period, the IRO shall prepare a report based on its Transactions Review. The report shall include the following:
1. General Elements to Be Included in Report.
a. | Review Objectives: A clear statement of the objectives intended to be achieved by each part of the review; |
b. | Review Protocol: A detailed narrative description of the procedures performed and a description of the sampling unit and universe utilized in performing the procedures for each sample reviewed; and |
c. | Sources of Data: A full description of documentation and other information, if applicable, relied upon by the IRO in performing the Transactions Review. |
2. Results to be Included in Report. The following results shall be included in each Transactions Review Report:
a. Relating to the Review of Co-Marketing Activities
For or each Co-Marketing Activity reviewed, the IRO’s findings and supporting rationale as to:
(i) | whether and how CSI determined a business need for performing the Co-Marketing Activities with the HCP(s) and the HCI(s); |
(ii) | whether and how the targets or audience of each Co-Marketing Activity were selected, and by whom; |
(iii) | the contributions of each party to each Co-Marketing Activity, and the financial value of those contributions;; |
(iv) | whether and how CSI determined that each party was contributing and receiving fair market value to the Co-Marketing Activities; |
(v) | whether the Co-Marketing Activity was reviewed and approved in accordance with CSI's Policies and Procedures; |
(vi) | whether CSI collected and retained records of the activities of each party to the Co-Marketing Activities; |
(vii) | any weaknesses in CSI’s systems, processes, policies, procedures and/or practices relating to Co-Marketing Activities; and |
(viii) | any recommendations for improvements to CSI’s systems, processes, policies, procedures and/or practices relating to Co-Marketing Activities. |
b. Relating to the Review of Consulting Activities
(i) | in connection with the review of Consulting Activities, a description of each type of Consulting Activity reviewed, including the number of each type of Consulting Activity reviewed and an identification of the types of documents and information reviewed for each Consulting Activity; |
(ii) | for each Consulting Activity reviewed, the IRO’s findings and supporting rationale as to whether: |
(1) | a written agreement was in place for each Consulting Activity that describes the scope of work to be performed, the fees and expenses to be paid for each Consulting Activity, and the compliance obligations for the Consultant; |
(2) | the compensation to be paid for the Consulting Activity was determined in accordance with a centrally managed, pre-set rate structure set by CSI; |
(3) | the rate structure was established based on a fair market value analysis conducted by CSI; |
(4) | the Consulting Activity was identified in the annual Consulting budgeting plan developed by CSI; |
(5) | a needs assessment that identifies the business need for the Consulting Activity and provides detail about the activity was prepared prior to the initiation of the Consulting Activity; |
(6) | the Consulting Activity was reviewed and approved in accordance with CSI's Policies and Procedures, |
(7) | CSI collected and retained a record of the specific activity performed by the HCP and, if applicable, a copy of the work product generated in connection with the Consulting Activity; |
(8) | the activity undertaken by the Consultant and/or the work product generated was used by CSI in a manner consistent with the needs assessment that was completed prior to the initiation of the Consulting Activity; |
(9) | the IRO identified any weaknesses in CSI’s systems, processes, policies, procedures and/or practices relating to Consulting Activities; and |
(10) | the IRO has recommendations for improvements to CSI’s systems, processes, policies, procedures and/or practices relating to Consulting Activities. |
Cardiovascular Systems, Inc. Corporate Integrity Agreement
32