Chilivis Grubman News

Georgia Composite Medical Board Extends Tele-Prescribing Flexibility until May 1

In December, we notified you of significant changes to telemedicine prescribing by the Georgia Composite Medical Board.

The Ryan Haight Online Pharmacy Consumer Protection Act, enacted in 2008, aimed to address concerns regarding the illicit distribution of controlled substances online. One key provision mandated an in-person medical examination before prescribing controlled substances, emphasizing direct patient-physician interaction for proper evaluation.

However, in response to the challenges posed by the unforeseen COVID-19 Public Health Emergency (PHE), the Drug Enforcement Agency (DEA) temporarily allowed physicians practicing via telemedicine to prescribe Schedule II-V controlled substances, including Schedule III-V narcotic-controlled medications for opioid use disorder treatment. While the PHE ended on May 11, 2023, the DEA and the Substance Abuse and Mental Health Services Administration (SAMHSA) extended telemedicine flexibilities through a temporary rule, allowing physicians to prescribe controlled substances via telemedicine until December 31, 2024.

But in its December 2023 meeting, the Board voted to rescind its previous position on the flexibility allowed through the DEA’s telehealth prescribing policy during and after the COVID-19 pandemic, asserting that effective January 1, 2024, all licensees in Georgia would be required to adhere strictly to the Medical Practice Act and Board Rules for proper prescribing practices. Under Chapter 360-3 of the Rules of the Georgia Composite Medical Board, when initially prescribing a controlled substance for the treatment of pain or chronic pain, a physician must have a medical history of the patient, conduct a physical examination, and obtain informed consent. 

The sudden reimposition of the pre-pandemic rules confused prescribers over what exactly was and was not permissible. Doctors sought clarity on what that meant for existing patients and how to handle upcoming refills. Some doctors decided to stop seeing virtual patients for controlled drugs altogether until the board clarified what was legal.



Amongst the confusion, the Board has decided to delay the ban until May 1, 2024. Currently, we know that doctors writing prescriptions for controlled substances/dangerous drugs must start with an in-person visit with the patient. After that, requirements will vary based on the type of scheduled drug. For instance, opioids such as Oxycodone will have different rules than Adderall, used to treat Attention-deficit/hyperactivity disorder (ADHD).

Dr. William Bostock, the Board’s chair, told a reporter that such rules are important “to protect the citizens of Georgia from dangerous medication which requires direct provider supervision to help prevent diversion (for illegal use) and unnecessary prescribing.” The Board indicated it is developing some answers to frequently asked questions about telemedicine and tele-prescribing which will be published on its website.

The Next Frontier? A.I., Big Data, And The Rise Of “Data Realtors"

by Scott R. Grubman

Recently, as I scrolled through my Google News Alert email for “False Claims Act,” one government press release caught my eye. The title – “National Roofing Company Settles PPP Fraud Allegations for $9 Million” – while certainly noteworthy, was not what interested me. Instead, it was the identity of the whistleblower: Sidesolve, LLC, which the press release stated would receive a $1 million whistleblower bounty after settling a False Claims Act case. Sidesolve describes itself as an AI/data analytics company that uses “data science to find large scale corporate fraud in healthcare, such as kickbacks and fake medical equipment.”

The Sidesolve FCA case was brought by a well-known and respected FCA whistleblower law firm, which included the following in their press release announcing the historic settlement:

“An unusual twist to this case is that our relator, Sidesolve LLC, has no preexisting relationship with the defendant.”

In other words, Sidesolve – which itself is nothing more than a Certificate of Organization somewhere on the Secretary of State’s web portal – did nothing more than program an algorithm to comb through publicly-available PPP data and uncover an anomaly that could, potentially, indicate fraud. And, using the whole “even a broken clock is right twice a day” philosophy, if one were inclined to file enough of these cases against enough defendants, some of them are bound to stick, or at least result in a substantial settlement.

To be clear, I know these plaintiff attorneys personally, and can confirm that they are great people and outstanding lawyers, and I sincerely congratulate them on their continued success. That being said, and with all respect to my friends, the Sidesolve settlement raises some serious questions regarding the purpose of the FCA’s whistleblower provisions. Those provisions, also known as the qui tam provisions, permit whistleblowers to receive between 15 and 30% of the government’s eventual, often sizable, recovery. Do these “data Relators” actually serve the intended purpose of those provisions? To put it bluntly, what unique and valuable role do these data Relators serve that justifies their receipt of six- and sometimes seven-figure whistleblower awards? If the purpose of the FCA’s whistleblower provisions is to encourage corporate insiders to come forward with knowledge of fraud or wrongdoing, does an LLC with “no preexisting relationship with the defendant” deserve $1 million?

Before you assume that the Sidesolve case was “one of a kind,” without going into details for reasons related to the FCA’s seal provisions, I can personally attest to the fact that this is not the only data Relator case making its way through the FCA investigative process. In fact, recently, I spoke on an FCA conference panel with another notable whistleblower attorney who touted his firm’s success in mining publicly available Medicare data and then, similar to Sidesolve, filing whistleblower complaints under the FCA on behalf of faceless LLCs.

To be fair, I would not go so far as to say these data Relators serve no purpose. There is probably some value in having private individuals search through publicly available data and point out suspicious patterns for the government. But, since the government has equal (and probably better) access to the exact same data, and also has plenty of very sophisticated computer scientists to help implement advanced algorithms in order to search that data without the need for a whistleblower, are these private data Relators truly earning their oftentimes substantial bounty? In a world where AI now allows anyone with a smartphone to create a sophisticated algorithm on voice command, I think that is a serious question that will need to be answered soon.

In addition to these policy questions, as technology advances and, inevitably, more data Relators emerge, courts will also be faced with whether such cases pass muster under the FCA’s “Public Disclosure Bar,” which requires dismissal of an FCA whistleblower action if the underlying allegations or transactions were publicly disclosed. Given that federal courts generally interpret the public disclosure bar broadly, data Realtors will likely face a difficult time pursuing a declined FCA case where the complaint was based solely upon their combing of publicly available data.

To further illustrate this point, it is helpful to look at the Supreme Court’s decision in Schindler Elevator (131 S.Ct. 1885, 2011). There, in holding that responses to FOIA requests were covered by the FCA’s public disclosure bar, the Court, in a decision authored by Justice Scalia, held that the case “seems to us a classic example of the ‘opportunistic’ litigation that the public disclosure bar is designed to discourage, because anyone could have filed the same FOIA requests and then filed the same suit.” Could the Court say the same thing about a data Relator LLC, set up for the sole purpose of combing publicly available data in search of a statistical anomaly and, hopefully, a hefty whistleblower award? For now, I’ll leave it with the old adage, “only time will tell.”

Pharmaceutical Company Agrees to $6 Million Settlement to Resolve FCA Allegations

On December 21, 2023, the DOJ announced that Ultragenyx Pharmaceutical Inc. reached a $6 million settlement to resolve allegations of violating the False Claims Act. The pharmaceutical company, based in California and specializing in rare disorders, faced accusations of submitting false claims to Medicare and Medicaid by providing kickbacks to beneficiaries and a laboratory. 

Ultragenyx manufactures Crysvita, an FDA-approved drug for treating X-linked hypophosphatemia in both adults and pediatric patients. XLH is a rare, inherited disorder that is often definitively diagnosed via genetic testing. Ultragenyx initiated a program with a genetic testing laboratory where the company covered the costs of genetic tests, provided results to healthcare providers (HCPs), and utilized the data for marketing purposes.

The DOJ alleged that Ultragenyx’s actions constituted kickbacks, involving the provision of free genetic tests to beneficiaries that purportedly influenced the purchase of Crysvita. Additionally, the company made separate payments to the laboratory for test result information, which was then used for marketing purposes to target HCPs with potential Crysvita patients. 

The allegations resolved by the settlement agreement were, in part, originally brought in a case filed under the whistleblower, or qui tam, provision of the False Claims Act. The False Claims Act permits private parties to sue for fraud on behalf of the United States and to share in any recovery. The act also permits the government to intervene in such actions, as the government did, in part, in this case. Of the settlement amount, approximately $5.8 million will contribute to Medicare and the federal share of Medicaid, with an additional $200,000 allocated for State Medicaid programs. The whistleblower stands to receive around $1.07 million from the federal portion of the recovery.

Home Health Care Company Will Pay Approximately $10 Million to Resolve Allegations of Violating the FCA

The DOJ also announced that Atlantic Home Health Care LLC (AHH) has agreed to pay $9,990,944 to resolve allegations of violating the FCA. AHH’s former Corporate Administrator and Director of Human Resource Administration and Management, Tonya Cass, initially brought civil claims against AHH under the qui tam provisions of the FCA, which allows relators like Cass to get a percentage of the amount recovered. Cass will receive approximately $1.7 million from this settlement, which would also resolve her direct claims.

According to the government, AHH falsely billed the Energy Employees Occupational Illness Compensation Program (EEOICP) between 2017 and 2021. The EEOICP is a healthcare program administered by the Department of Labor that provides benefits for Department of Energy employees and contractors who were injured or became ill on the job. It is alleged that AHH falsely billed the EEOICP for in-home nursing and personal care when its employees were not physically present and receiving the foregoing care. 

The government further alleged that AHH violated the Anti-Kickback Statute (AKS), which is a criminal statute that prohibits soliciting or receiving renumeration in exchange for patient referrals. AHH allegedly made case payments, up to $5,000, and in-kind payments for patient referrals via its “friends and family program”. AHH made a voluntary disclosure concerning possible AKS violations before the government disclosed its investigation. The government acknowledged AHH’s cooperation in the settlement agreement.

When this agreement was announced, Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division commented “[w]e are dedicated to ensuring that program beneficiaries receive proper care and that taxpayer dollars are protected from waste, fraud and abuse.” The government has long regarded the FCA as one of its most powerful tools to combat healthcare fraud, and it recovers billions of dollars annually from FCA cases.

NJ Hospital and Investors Will Pay Over $30 Million to Resolve FCA Allegations

In another multi-million dollar settlement, the DOJ announced that Silver Lake Hospital and its investors agreed to pay over $30,000,000 to resolve allegations of violating tthe FCA and the Federal Debt Collection Procedures Act (FDCPA). Silver Lake is a New Jersey based long-term care hospital that allegedly claimed excessive cost outlier payments from Medicare.

Medicare provides cost outlier payments to supplement reimbursements when a patient’s cost of care is unusually high. The supplemental outlier payment system was enacted by Congress to incentivize hospitals to treat inpatients with atypical care costs. The government alleged that Silver Lake distorted the cost outlier payment system by increasing its charges in excess of any increase in its costs. By increasing its charges, Silver Lake allegedly skewed the cost outlier formula that multiplies the hospital’s current charges by its cost-to-charge ratios to adjust the hospital’s charges to the hospital’s costs. Silver Lake will pay over $18.6 million, plus interest, over a period of five years. 

The government further alleged that Silver Lake transferred millions to its investors without receiving equivalent value in return, when the hospital knew or should have known that it would not be able to repay its debts to Medicare. As such, Silver Lake’s investors will pay $12 million, plus interest, to resolve allegations of violating the FDCPA.

Upon announcement of the foregoing settlement, U.S. Attorney Philip R. Sellinger for the District of New Jersey commented that “Medicare is not there for hospitals and their investors to gain unwarranted financial windfalls. As alleged, this hospital falsely reported its costs to Medicare for years and reaped millions in unjustified payments. Along with our partners, this office is committed to protecting the Medicare system from all forms of fraud schemes.”

Oil Company to Pay Nearly $35 Million to Resolve Allegations of Violating the FCA

As a reminder that FCA enforcement is not limited to the healthcare industry, the DOJ also recently announced that oil and natural gas company Hilcorp San Juan L.P. has agreed to pay $34.6 million to resolve allegations of violating the False Claim Act (FCA).

According to the government, Hilcorp underpaid royalties to the Office of Natural Resources Revenue (ONRR) from August 2017 through December 2018. Congress allows Hilcorp to lease federal land in the San Juan Basin in exchange for royalty payments based on the value of the oil and gas produced. The Government contends that Hilcorp only made royalty payments based on estimated volumes and prices. Hilcorp neither indicated that their payments were based on estimates nor made subsequent payments based on the actual volumes and values. Per 30 U.S.C § 172 (h), actual royalties must be paid at the end of the month following the month an estimated payment was made. As such, the government alleges that that Hilcorp knowingly and improperly avoided its obligation to pay the ONRR full royalty payments.

Hilcorp ultimately cooperated with the government’s investigation and assisted in determining losses for royalty underpayments. Hilcorp’s cooperation afforded them credit under the DOJ Justice Manual, Section 4-4.112, Guidelines for Taking Disclosure, Cooperation, and Remediation into Account in False Claims Act Matters. Upon announcement of this settlement, Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division commented that “U.S. taxpayers deserve a fair share of the revenues received by companies that extract natural resources from public lands” and the government “[…]remains committed to ensuring that energy companies accurately report and pay to the United States the amount of royalties that are owed for their use of these resources.”

Miami Man Sentenced to Over 4 Years in Prison for Selling Adulterated HIV Medications

After previously pleading guilty to one count of conspiracy to introduce adulterated and misbranded drugs into interstate commerce, Armando Herrera has been sentenced to four years in prison.

According to court documents, Herrera and his co-conspirators established companies in Florida, Texas, Washington, and California to use as channels for the sale and distribution of adulterated medications, including medications for HIV. Herrera used the sham companies to sell and distribute adulterated medications, or prescription drugs that have been substituted wholly or in part which could reduce the drug’s quality, to wholesale pharmaceutical suppliers. Herrera and his co-conspirators manufactured false documentation to make their drugs appear legitimate. In turn, the adulterated prescriptions were distributed to unsuspecting pharmacies and ultimately to patients. 

Court documents suggest that over $16.7 million worth of adulterated drugs were introduced into interstate commerce, including popular HIV drugs such as Truvada and Biktarvy. Biktarvy is a 1-pill per day prescription medicine used to treat HIV-1 in adults and some children. Truvada is used to both treat HIV and for pre-exposure prophylaxis—to protect against the virus. More than $1.5 million worth of adulterated prescription drugs were seized by federal agents, including more than 16,000 adulterated and misbranded HIV tablets.

Former Department of Homeland Security Employees Sentenced for Conspiracy to Steal Proprietary U.S. Government Software and Databases

On January 29, the DOJ announced that three former Department of Homeland Security (DHS) employees were sentenced in the District of Columbia for their involvement in a conspiracy to steal proprietary software and sensitive law-enforcement databases from the United States government.

The individuals held notable positions within the DHS, with Charles K. Edwards, former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), and Sonal Patel and Murali Y. Venkata working in DHS-OIG’s information technology department. The trio allegedly used their roles to acquire government software and databases containing “sensitive” law-enforcement information and personally identifiable information (PII) of over 200,000 federal employees from both DHS-OIG and the U.S. Postal Service Office of Inspector General (USPS-OIG).

According to the government, Venkata, Patel, and Edwards intended to use the acquired software and databases to develop a commercial product for potential sale to government agencies. They hired a software development company in India to build the purported commercial product. To facilitate the Indian developers’ work, the former DHS employees gave the developers access to a large amount of sensitive information including law-enforcement records, witness and confidential informant information, and “hundreds of thousands” of government employees’ PII per the notice to victims. This sparked concerns about potential misuse and its impact on national security.

In January 2022, Edwards pleaded guilty to conspiracy to commit theft of government property and to defraud the United States and theft of government property. He was sentenced to one year and six months in prison. Patel pleaded guilty to conspiracy to commit theft of government property in April 2019, and was sentenced to two years of probation. In April 2022, a jury convicted Venkata of conspiracy to commit theft of government property and to defraud the United States, theft of government property, wire fraud, and destruction of records. He was sentenced to four months in prison.

Regulatory Affairs Specialist Sentenced to Prison for Falsifying FDA Documents

The DOJ also announced that Peter Stoll III, former employee of a medical device company located in Pennsylvania, will serve prison time for falsifying U.S. Food and Drug Administration (FDA) documents.

Stoll was employed as a regulatory affairs specialist, and he was responsible for completing the FDA’s Premarket Notification 510(k) clearance process before the company could market and sell its medical devices. Companies are required to submit documentation to demonstrate that their device is as safe and effective as to be “substantially equivalent” to a legally marketed device. Devices should not be marketed and sold until the company receives an order declaring the devices “substantially equivalent,” which usually takes about 90 days from the date of submission.

Instead of completing the 510(k) processes for two of his company’s medical devices, the ELAN-4 Air Drill, a high-speed surgical drill used for bone cutting, sawing and drilling, and the JS Series SterilContainer S2, a reusable sterilization container for medical instruments, Stoll admitted to falsifying FDA clearance documents. In 2017, Stoll created fraudulent 510(k) paperwork, on FDA’s official letter head, and included a forged FDA official signature. Based on the deceptive documentation, the medical device company sold tens of thousands of dollars’ worth of devices throughout the country.

Last year Stoll pleaded guilty to one count of violating the Federal Food, Drug and Cosmetic Act (FDCA) by causing the introduction of misbranded and adulterated medical devices into interstate commerce. In turn, Stoll was sentenced to 12 months in prison and one year of supervised release by U.S. District Judge Joseph F. Leeson. When Stoll’s sentence was announced, Assistant Commissioner for Criminal Investigations Justin D. Green of the FDA commented that “[a] medical device distributed without FDA clearance can put patients at risk. Our office will aggressively pursue those who place patients at risk by failing to follow the law.”

Maryland Doctor’s COVID-19 Fraud Conviction Overturned

On August 24, 2023, the DOJ announced the conviction of Ron Elfenbein, M.D., of Arnold, Maryland, for five counts of healthcare fraud. In a groundbreaking decision, Chief Judge James K. Bredar of the U.S. District Court for Maryland overturned the jury’s conviction of the well-known Maryland doctor. The case centered around allegations that Dr. Elfenbein submitted millions of dollars in “fraudulent” insurance claims for COVID-19 tests. The comprehensive 90-page ruling filed on December 21, 2023, provides insights into the complexities and challenges associated with prosecuting testing-related fraud during the pandemic.

Judge Bredar’s detailed ruling highlighted the rarity of the situation and emphasized that the government failed to meet the necessary standard to convict Dr. Elfenbein. The doctor, who operates urgent care centers, was charged with submitting $15 million in fraudulent COVID-19 tests. Notably, he was the first individual convicted of testing-related fraud at trial among those charged by the U.S. Department of Justice.



The judge opined that the government did not present enough evidence to prove beyond a reasonable doubt that Dr. Elfenbein engaged in improper “upcoding” of tests. The ruling asserted that citizens, including healthcare providers, cannot be criminally accountable for actions permitted by a reasonable interpretation of technical regulations, even if it seems to benefit them excessively.

Dr. Elfenbein, an emergency room doctor, faced charges of health care fraud for testing conducted through his company, Drs ERgent Care. The allegations involved fraudulent billing to Medicare and other insurers. Despite his conviction last year, Dr. Elfenbein consistently maintained his innocence throughout the legal process. Following the judge’s ruling, Dr. Elfenbein’s attorney, Martin S. Himeles Jr., expressed optimism about his client’s future. Himeles expects Dr. Elfenbein to seek full restoration of his medical license and to return to emergency medicine. The Maryland Board of Physicians still lists his license as active, although his enrollment in the Maryland Medicaid Program was terminated in August.

This landmark decision by Chief Judge Bredar sends a strong message to the Department of Justice about the need for clear and concrete evidence when prosecuting individuals for alleged violations, especially during uncertain times such as the COVID-19 pandemic. Dr. Elfenbein’s case underscores the importance of a thorough legal defense and the potential for reevaluation of convictions based on the interpretation of vague federal regulations.

Nevada Accountant Sentenced to

13 Months in Prison

On December 22, the DOJ announced the sentencing of certified public accountant Dustin M. Lewis of Nevada. The accountant, formerly associated with L.L. Bradford & Company, was sentenced to 13 months in prison for his involvement in separate bribery and tax fraud conspiracies.

According to court documents, Lewis faced accusations of conspiring with a public official from the U.S. Department of Interior’s Bureau of Reclamation (USBR) from February 2015 to February 2016. The allegations suggest Lewis made payments exceeding $150,000 in bribes and kickbacks in exchange for favorable treatment. Lewis purportedly aimed to influence the awarding of government contracts for auditing services.

In addition to the bribery charges, Lewis and a co-conspirator were implicated in a tax fraud conspiracy. The charges include filing false 2013 corporate tax returns and other tax forms on behalf of six business entities. These entities collectively claimed over $11 million in deductions. According to the government, “Lewis’ conduct caused a tax loss to the IRS of more than $1.5 million.”    

U.S. District Judge Andrew P. Gordon oversaw the case, delivering a 13-month prison sentence to Lewis. Lewis will also serve three years of supervised release. The financial impact of the sentence involves a restitution order totaling approximately $704,002, accompanied by a criminal forfeiture money judgment in the same amount.

DEA Places Cloud Over Medical Cannabis Sales at Georgia Pharmacies

As Georgia continues to roll out its medical cannabis program, the U.S. Drug Enforcement Administration (DEA) has placed a significant roadblock that impedes pharmacy sales of low-THC oil, a key component of the program. In a notice sent to pharmacies in the state, the DEA warns that neither “marijuana nor THC can lawfully be possessed, handled, or dispenses by any DEA-registered pharmacy.”  

The DEA memo asserts that, although Georgia law allows low-THC oil to be dispensed to qualified patients by pharmacies in the state, federal law does not. Such products remain illegal under federal law because marijuana is still classified as “a Schedule I controlled substance.” The DEA memo specifies that DEA-registered pharmacies “may only dispense controlled substances in Schedules II-V of the Controlled Substances Act.”

In 2015, Georgia set out to legalize possession of medical cannabis by passing Haleigh’s Hope Act. More than eight years since then, much has had to happen for medical cannabis to become available to patients. The first medical cannabis dispensary in Georgia finally opened earlier this year on April 28, 2023. Georgia seeks to offer medical cannabis in its pharmacies but now faces this new hurdle from the DEA.

This guidance from the DEA comes on the heals of a recommendation from the U.S. Department of Health and Human Services to declassify marijuana as a Schedule I controlled substance and instead make it a Schedule III substance. The DEA has the final say on whether marijuana should be reclassified under Schedule III. For now, marijuana remains Schedule I, and the DEA has clearly taken the position that pharmacies in Georgia may not legally sell medical cannabis, despite such sales being legal under state law.



The Conciliation Appropriations Act enacted in 2022 appears to prevent the DEA from interfering with Georgia’s medical cannabis program, so it is unclear what enforcement steps the DEA might take against any Georgia pharmacies that do not comply with the DEA’s warning. Section 531 of the Act states, “None of the funds made available under this Act to the Department of Justice may be used . . . to prevent [Georgia or 46 other named states] from implementing their own laws that authorize the use, distribution, possession, or cultivation of medical marijuana.” Like the FBI, the DEA is an agency of the Department of Justice.