The federal False Claims Act (“FCA”) is one of the most powerful tools frequently used by the federal government to combat fraud. The FCA prohibits any person from knowingly presenting, or causing to be presented, a false or fraudulent claim for payment to the federal government.  It prohibits the possession, custody, or control of property or money used, or to be used, by the government and knowingly delivering, or causing to be delivered, less than all of that money or property. 31 U.S.C. § 3729(a)(1)(D). The FCA also prohibits any person from knowingly making, using, or causing to be made or used, a false record or statement material to a false or fraudulent claim.  And under the qui tam provisions of the FCA, whistleblowers (also known as relators) may bring cases on behalf of the government, which may takeover, or intervene.

The FCA’s strength, in part, arises from the potential damages or financial penalties that arise in FCA cases. The FCA allows the government to recover three times its actual losses (treble damages). In addition to treble damages, Defendants face penalties for each violation of the FCA (e.g., each false statement or each false claim submitted or caused to be submitted). The Civil Monetary Penalty range is periodically adjusted, usually annually. In December 2021, Chilivis Grubman attorneys discussed the U.S. Department of Justice’s adjustment of the FCA’s per-claim penalty for inflation as part of the Civil Monetary Penalties Adjustment for 2021.

On May 9, 2022, the DOJ published its Civil Monetary Penalty Inflation Adjustment for 2022. Per-claim penalties will now fall between $12,537 and $25,076 – in increase from a range of $11, 803 and $23,607 per violation. With an approximate 6.2% increase, the 2022 inflation-adjusted civil monetary penalty is the largest increase since 2018. However, penalties for violations after November 15, 2015 are calculated based on the penalty amounts in effect when the penalties are assessed, therefore, the 2022 inflation-adjusted civil monetary penalty amount applies to violations occurring after May 9, 2022.

The U.S. Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center, known as “HC3,” recently published an Analyst Note (Report: 202204181300) on the Hive ransomware group. 

HC3 described the Hive as “an exceptionally aggressive, financially-motivated ransomware group known to maintain sophisticated capabilities who have historically targeted healthcare organizations frequently.” Hive is a well-known cybercrime group that has quickly established a reputation since June 2021, when it is known to have become operational. HC3 cites a report that listed Hive as the fourth most active ransomware operative just months after it became operational. One report credits Hive with attacking an average of three companies per day – breaching over 350 organizations in the first four months of known operation.  

While HC3 may not be in the public’s view as frequently as other agencies, it provides good information for entities in any industry, particularly the health care industry. HC3 was established in response to the Cybersecurity Information Sharing Act of 2015, which is a federal law that seeks to improve U.S. cybersecurity through enhanced information sharing about cybersecurity threats, and for other purposes. HC3, which falls under the HHS’ Office of the Chief Information Officer, is HHS’ “focal point for cybersecurity collaboration with the Healthcare and Public Health Sector.” One of its roles is to collaborate with the Healthcare and Public Health sector to identify and understand threats, including learning patterns and trends of adversaries and to communicate information to the Healthcare and Public Health Sectors to better defend against cyber threats. The HC3 website is located here and its Hive report can be read here.

The DOJ announced that a federal jury convicted Jesmina Ramirez of one count of conspiracy to commit money laundering and one count of money laundering for her role in a health care fraud scheme. It was proven at trial that, for nearly two years, Ramirez laundered approximately $786,000 for BF Distributors Corp., Timely Medical Services Corp., Ortho-Med Solution Inc., Expedited Medical Supplies Corp., and Prime Orthopedic Solutions Corp. in Miami, Florida. These five medical supply companies fraudulently billed insurers, including Medicare and Medicaid, over $48 million for medical equipment that they neither purchased nor provided to patients. In turn, Ramirez cashed at least 120 checks written from the companies, retained a fee, and distributed the remaining cash to her co-conspirators.

Ramirez is one of over 15 individuals charged in connection to this fraud and money laundering scheme. In April 2022, one of Ramirez’s co-conspirators, pleaded guilty for her role in the scheme and is scheduled to be sentenced on May 25th. Ramirez now faces up to 20 years in prison, and she is scheduled to be sentenced on July 13th. This scheme is still under investigation.

A Medicare contractor recommended that our client, a pain management physician, be excluded from participating in federal healthcare programs for five years for "grossly and flagrantly" violating Medicare rules and regulations.

After Chilivis Grubman's team -- Scott Grubman, Christian Dennis, and Andrew Mason -- filed a lengthy appeal, HHS-OIG rejected the contractor's recommendation, declined to exclude, and closed their file. Justice served!

On May 16, 2022, the Department of Justice announced the conviction of owners and operators of four orthotic brace suppliers in Texas and Arkansas for a $6.5 million kickback scheme.

 Bruce and Bobbi Stroud, husband and wife and residents of Prosper, Texas, along with Kenric Griffin of Frisco, Texas, jointly owned and operated four orthotic brace suppliers: New Horizons Durable Medical Equipment, Striffin Medical Supply, 4B Ortho Supply, and Grace Professional DME.

Evidence presented at trial showed that between January 2017 and April 2019, the Strouds and Griffin, through their companies, billed approximately $12.5 million in claims to Medicare for braces that the government deemed unnecessary. According to the government, the defendants were able to solicit brace orders in exchange for illegal kickbacks. Medicare paid the defendants approximately $6.5 million for those claims. The defendants were able to conceal the scheme by characterizing the kickback payments for the doctors’ orders as “marketing” expenses.

The Strouds and Griffin were convicted of conspiracy to defraud the United States and to offer and pay illegal health care kickbacks, and seven violations of the Anti-Kickback Statute. Each defendant faces a total of up to 55 years in prison. Sentencing is scheduled for September 7.

The Government has a Fraud Section that leads the Criminal Division’s efforts to combat health care fraud through the Health Care Fraud Strike Force Program. Since March 2007, this program, comprised of 15 strike forces operating in 24 federal districts, has charged more than 4,200 defendants.

On May 4, 2022, United States Assistant Attorney General Kenneth A. Polite, Jr. announced the U.S. Department of Justice’s 2022 Opioid Enforcement Action, highlighting the department’s efforts. While enforcement actions related to COVID-19 and HIPAA breaches have received significant attention, the opioid epidemic continues. Mr. Polite noted that in the last year alone, over 75,000 people in the United States died by overdose.

Mr. Polite highlighted the progress and successes of the department (and associated law enforcement agencies) related to its enforcement action. He explained that fourteen individuals were charged across eight federal districts for crimes related to distributing prescription opioids. Twelve out of the fourteen individuals were medical professionals. One of the medical providers was a Kentucky dentist, whose patient allegedly died because of morphine prescribed by the dentist.

Besides discussing the successes of the department, Mr. Polite also praised the Appalachian Regional Prescription Opioid (ARPO) Strike Force. The ARPO was created about three years ago as a collaborative initiative that includes state and federal government agencies and partners throughout Ohio, Kentucky, West Virginia, Tennessee, and other states. According to Mr. Polite, “[ARPO] is designed to swiftly and effectively prosecute medical professionals and others involved in the illegal prescription and distribution of opioids.”

Since its creation, ARPO has charged at least one hundred individuals related to unlawful prescription opioid distribution. Over half of those charged were medical professionals or prescribers. The government alleges these individuals allegedly issued prescriptions for over one hundred million opioid pills. So far, sixty individuals have been convicted.

Mr. Polite’s remarks are a reminder to medical professionals that the government continues to use its vast resources and cross-agency collaborations for opioid enforcement actions. According to Mr. Polite: “Our work sends a clear message: medical professionals who violate their oath to do no harm, and instead, exploit vulnerable patients struggling with addiction will be held accountable.”

In May of 2021, the Department of Justice established the COVID-19 Fraud Enforcement Task Force to investigate claims of fraud against COVID-19 relief programs. In March of 2022, the Department announced the appointment of Associate Deputy Attorney General Kevin Chambers as the chief prosecutor overseeing enforcement efforts stemming from fraud against COVID-19 pandemic relief funds. COVID relief fund fraud has been a focus of the Department of Justice since the various programs’ inceptions, and the Department recently provided an update on its enforcement efforts.

On April 19, 2022, DOJ provided updates on fifteen criminal actions brought against defendants in eight states with a large percentage of those prosecutions coming from California. In the Central District of California, The Department of Justice announced the indictment of two Glendale residents who allegedly defrauded the government out of $214 million in connection with laboratory tests, including tests conducted during the COVID-19 pandemic, that were conducted without regard to the medical necessity of the tests. The government described the alleged conduct as especially egregious because one of the defendants had been excluded from participation in the Medicare program “for several decades.” Also in the Central District of California, the Department announced the indictment of a Los Angeles resident in connection with an alleged $345,000 fraud on COVID-19 relief programs via fraudulent loan applications. The Department also announced three prosecutions in the Northern District of California, with all three individuals being charged for allegedly peddling fake cures for COVID-19.

COVID testing has been a key focus of the enforcement efforts. Individuals in Maryland, New Jersey, New York, and Utah all face charges stemming from fraud related to COVID testing. These charges include upcoding for office visits, billing for office visits that did not occur in connection with COVID testing, kickbacks for supplying COVID tests to clinical laboratories, and provision of counterfeit negative COVID test results. Charges also stem from alleged kickbacks in connection with telemedicine, the rules for which were relaxed during the COVID-19 pandemic. One individual in New Jersey and another in Washington face charges for allegedly creating and distributing fraudulent COVID 19-vaccination cards.

The Department of Justice has placed a major emphasis on combating fraud connected to the COVID-19 pandemic and associated relief funds. Significant resources have been poured into this effort, and fraudulent conduct even tangentially connected to the pandemic is being prosecuted as a result. In some instances, long-standing fraud has been uncovered as a result of the investigation of separate fraudulent conduct related to COVID relief funds. Expect to see the prosecution of more and more individuals as time moves on.

On May 9, the Department of Justice (DOJ) announced the sentencing of two Florida men, Phillip J. Augustin and James Stote for leading a nationwide scheme to defraud the Paycheck Protection Program (PPP) for loans guaranteed by the Small Business Administration (SBA) under the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

According to court documents, Augustin and Stote used falsified documents to obtain a PPP loan for Augustin’s company, Clear Vision Music Group LLC. After submitting that application, Stote and Augustin recruited additional PPP loan applicants and prepared and submitted fraudulent loan applications on their behalf in exchange for a share of the loan proceeds. Augustin, a manager for professional football players, used his network of business contacts to recruit loan applicants. According to the government, Augustin and Stote used fake payroll numbers, falsified IRS forms, and deceptive bank statements to obtain the loans. Stote facilitated at least seventy-nine fraudulent loan applications worth at least $35 million. Among those loans, Augustin was responsible for at least thirty-four fraudulent loan applications worth at least $15 million.

Twenty-five people were charged in total for their participation in the scheme in the Northern District of Ohio, Southern District of Florida, and Middle District of North Carolina. Stote and Augustin both plead guilty to conspiracy to commit wire fraud on Dec. 14, 2021. Augustin was sentenced to 78 months in prison and Stote to 120 months in prison. In addition to his prison sentence, Stote was ordered to pay approximately $10.1 million in restitution and over $1.1 million in forfeiture. Augustin was ordered to pay more than $5.9 million in restitution and more than $272,000 in forfeiture.

Since the inception of the CARES Act, the Fraud Section has prosecuted over 150 defendants in more than ninety-five criminal cases and has seized over $75 million in cash proceeds derived from fraudulently obtained PPP funds. Last year, the Attorney General established the COVID-19 Fraud Enforcement Task Force to marshal the resources of the Department of Justice in partnership with agencies across government in an effort to combat and prevent pandemic-related fraud. The DOJ also persistently urges anyone with information about allegations of attempted fraud involving COVID-19 to report it by calling the Department of Justice’s National Center for Disaster Fraud Hotline.

Wesley Blake Barber, a former patient recruiter, was just sentenced for his role in a transvaginal mesh (“TVM”) fraud scheme that involved payments of bribes and kickbacks. In September 2021, Barber pleaded guilty for his role in the scheme, and he faced up to 5 years in prison. On May 9, 2022, Barber avoided jail time but was sentenced to probation, ordered to forfeit $1.1 million, pay $200,000 to his victims, and perform 400 hours of community service.

According to his indictment, Barber took advantage of unknowing female patients with TVM implants to profit from a global settlement with transvaginal mesh makers after the implants were linked to various medical complications. Specifically, Barber took kickbacks and bribes in exchange for referring female patients with TVM implants to surgeons around the United States. As part of the scheme, women were convinced that the removal of their TVM implants was medically necessary when, in fact, the U.S. Food and Drug Administration warned about the complications of removal. Barber induced female patients to undergo these medically unnecessary procedures because he knew transvaginal mesh makers would pay more for patients who had removal surgeries.

There were several unnamed co-conspirators who also sought to profit from the 2013 global settlement between transvaginal mesh makers and patients. Christopher Walker, a Florida urogynecologist who was charged with paying Barber kickbacks, also avoided jail-time for his role in the scheme. Walker pleaded guilty in September 2021 and was later ordered to pay $866,000 for his role.

On May 6, the Securities and Exchange Commission announced that it had filed charges against a cryptomining company, its founders, and other related entities in connection with alleged unregistered offerings and fraudulent sales of investment plans. MCC International Corp. (“MCC”) and its founders Luiz Carlos Capuci, Jr. and Emerson Souza Pires allegedly defrauded thousands of investors through the sale of “mining packages.” The SEC alleges that, beginning in early 2018, MCC, Capuci, and Pires told investors that they could receive “profit sharing” from MCC’s business mining cryptocurrency and trading cryptocurrency, stocks, and foreign exchange using arbitrage and “semi-automatic robotic trading.” They allegedly promised investors a 1 percent return a week for up to a year. This promise was so enticing that MCC allegedly sold mining packages to over 65,000 investors.

The SEC alleges that, at least initially, investors were told that they would receive their returns in Bitcoin, however, they were later required to withdraw their investments in tokens created by MCC called Capital Coin. Once withdrawn, investors were allegedly required to redeem the Capital Coins on a fake crypto trading platform created and managed by Capuci. When investors tried to convert the tokens to fiat currency, they received errors that prevented them from doing so. The investors were then forced to buy an additional mining package or forfeit the investment.

Rather than provide returns to the investors, Capuci and Pires allegedly used the money received from investors to fund lavish lifestyles. Their purchases included Lamborghinis, yachts, and real estate. In April 2022, the United States District Court for the Southern District of Florida issued a temporary restraining order against the defendants and froze their assets. In total, the defendants allegedly received at least $11.3 million from investors. They are charged with violations of the registration and anti-fraud provisions of the federal securities laws. Capuci and Pires also face liability as control persons. The defendants face a potential injunction, disgorgement, civil penalties, and officer and director bars.

William Husel, former Ohio physician, was found not guilty of 14 counts of murder by an Ohio jury. Husel’s murder trial began in February of 2022, and he was acquitted on April 20, 2022. Attorneys from Franklin County Prosecutor’s Office called 53 witnesses in an attempt to prove Husel intended to hasten the death of his patients by administering deadly doses of fentanyl. Husel’s defense team argued that he acted within his discretion when caring for terminally ill patients.

Husel worked as the night intensive care unit (“ICU”) physician at Mount Carmel Hospital West (“Mount Carmel”) from 2013 to 2018. In October of 2018, Mount Carmel received the initial report about Husel’s patient care practices and alleged administration of excessive doses of fentanyl. Soon after, Mount Carmel launched an investigation into Husel’s conduct, and he was fired in December of 2018. After firing Husel, Mount Carmel alerted Franklin County Prosecutor’s Office and they began an independent investigation.

Franklin County Prosecutor’s Office alleged that Husel had been ordering deadly doses of fentanyl that ranged from 500 to 2000 micrograms. According to the United States Drug Enforcement Administration, 2000 micrograms of fentanyl is considered potentially fatal. Ron O’Brien, former Franklin County Prosecutor, noted that Husel administered “doses of fentanyl at a level that they internally believed were inappropriate and not for a legitimate medical purpose.” O’Brien further declared that Husel’s administration of fentanyl was “designed to hasten the death of the patients that were being treated.” Consequently, Husel was charged with 25 counts of murder, 11 of which were dismissed prior to trial.

Husel’s attorneys called one witness to aid in their defense. Dr. Joel Zivot, who has expertise in the treatment of critically ill patients in ICU and lethal injection, offered his testimony pro bono. Dr. Zivot testified that the cause of death for each patient was their underlying health conditions and not the administration of fentanyl. He also testified that Husel’s use of fentanyl was to solely provide patients with relief of pain and anxiety as they faced death. In closing, Husel’s defense team informed the jury that the medical administration of fentanyl is not regulated and there is no maximum amount that can be administered to dying patients.

Husel made no statement after his acquittal. While several families settled civil claims against Husel and his former employer, he is still facing over a dozen other civil suits. Many in the healthcare industry contend that Husel should never have been prosecuted, and indeed view his prosecution as an extreme overreach of prosecutorial discretion.

On April 15, 2022 a Fulton County Superior Court judge issued an injunction against the Gwinnett County District Attorney (DA) Patsy Austin-Gatson, preventing her office from taking any criminal or civil enforcement action relating to the possession or sale of delta-8 THC or other hemp-derived cannabinoids. The Gwinnett County DA had previously announced that her office would be cracking down on “the possession, sale or distribution” of delta-8, which she considered to be a controlled substance in Georgia. According to the order issued by the court, more than $2 million in assets had already been seized pursuant to the efforts by DA Austin-Gatson’s office.

Two stores that sell delta-8 in Gwinnett County filed a lawsuit last month arguing that delta-8 was legal in Georgia and asking the court to step in and halt the raids leading to seizure of delta-8 products and related assets. The stores succeeded in obtaining a temporary restraining order against DA Austin-Gatson on March 18, 2022, shortly after filing the lawsuit, but the order was set to expire after 30 days on April 17. This more recent order granting the injunction will last until the lawsuit concludes.

Although the injunction applies specifically to DA Austin-Gatson alone, as opposed to all District Attorneys in the state, the injunction ostensibly means that sales of delta-8 in Georgia can continue unabated for the time being.

The legality of delta-8, a naturally occurring substance in the cannabis plant, has long been debated. Unlike its cousin delta-9 THC (the active ingredient in marijuana), delta-8 comes from hemp or, more specifically, hemp-derived cannabidiol. In significant enough concentrations, delta-8 can give someone a “high” arguably similar to marijuana, hence the controversy.

Last September, the U.S. Drug Enforcement Administration (DEA) provided guidance on the legality of delta-8, explaining that cannabinoids such as delta-8, which is derived from hemp and does not contain more than the federal limit of delta-9 THC (0.3%), are legal under federal law. Whether delta-8 will continue to be considered legal under Georgia law remains to be seen and could be decided by this ongoing litigation.

In 2019, the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) announced its HIPAA Right of Access Initiative. Under the Initiative, OCR investigates violations of the HIPAA Privacy Rules, particularly related to the ability of patients to access their PHI. The HIPAA Privacy Rule generally requires covered entities to provide individuals access to their “designated record sets” maintained by or for the covered entity. The access requirements generally do not apply to (1) information not considered “designated record sets,” as defined by 45 C.F.R. § 164.501, (2) psychotherapy notes, and (3) records created in reasonable anticipation of or for a civil, criminal, or administrative action. 45 C.F.R. § 164.524.

Since 2019, there have been at least two dozen announced settlements related to OCR’s Right of Access Initiative, and these settlements have largely involved medical providers and organizations. Dental practices have gone unscathed. However, OCR’s recent announcements clarify that dental practices are not exempt from the HIPAA rules and alleged violations by dental practices will not be overlooked.

On March 28, 2022, OCR announced one of its first settlements involving a dental practice that allegedly violated HIPAA rules by purportedly failing to provide a patient with a copy of their medical record. Before settling, OCR imposed a $104,000 civil monetary penalty against Donald Brockley, D.D.M., a solo dental practitioner. However, Dr. Brockley and OCR agreed to settle for $30,000. As part of the settlement, Dr. Brockley will also take corrective actions to comply with the HIPAA Privacy Rule.

Providers and medical practice administrators, including dentists and dental practices, should familiarize themselves with patients’ rights under HIPAA to access protected health information by reviewing the related statutes (45 C.F.R. § 165.524) and HHS guidance. Enforcement actions will continue. Dental practices should also take note that, besides Dr. Brockley’s settlement, OCR also announced settlements with dental practices involving improper disclosure of PHI in violation of HIPAA rules. Dentists and dental practices are not exempt from HIPAA rules and OCR’s enforcement efforts.

The Department of Justice announced that Dr. Vinay Malviya, a Michigan gynecologic oncologist, agreed to pay $775,000 to resolve allegations of violating the False Claims Act. Specifically, it was alleged that Dr. Malviya performed radical and modified radical hysterectomies and administered chemotherapy services that were not medically necessary from February 2011 to June 2017. It was also alleged that Dr. Malviya submitted claims for evaluation and management services that were not performed as represented.

In addition to paying $775,000 to resolve claims that he violated the False Claims Act, Dr. Malviya will be excluded from all federal health care programs, including Medicare and Medicaid, for three (3) years. In 2021, Ascension Michigan and related hospitals, Providence Park Hospital, St. John Hospital and Medical Center, St. John Macomb Oakland Hospital and Ascension Crittenton Hospital, agreed to pay $2.8 million to resolve claims of improperly retaining payments submitted by Dr. Malviya in violation of the False Claims Act. Dr. Malviya’s settlement concludes the resolution of qui tam case United States ex rel. Satchwell v. Ascension Health, No. 17-CV-12315 (E.D. Mich.). Relators Pamela Satchwell, Dawn Kasdorf and Bethany Silva-Gomez will receive a combined payment of $147,250.

While claims resolved by settlements have no determination of liability, U.S. Attorney Dawn N. Ison for the Eastern District of Michigan declared that “[t]his settlement should put health care providers on notice that we will seek to hold those responsible who profit from providing services to patients that are more aggressive than medically necessary.”

On April 13, the United States Attorney’s Office for the Northern District of Georgia announced that it had reached a settlement with Paul D. Weir, John R. Morgan, M.D., Care Plus Management, LLC (“Care Plus”), and over a dozen anesthesia companies that Care Plus owned, to resolve allegations that they had violated the False Claims Act and the Anti-Kickback Statute. The settlement includes a payment of $7.2 million to resolve the allegations. Weir and Morgan created and owned Care Plus, which they allegedly used to provide kickbacks to physicians to refer patients to the anesthesia companies owned by Care Plus. The alleged kickbacks included shared revenue for the anesthesia services and subsidized drugs, supplies, and equipment.

The government alleged that, between 2012 and 2016, Care Plus offered partial ownership interests in anesthesia companies in order to entice outpatient surgery centers to enter into exclusive services agreements with Care Plus – agreements that are incredibly important in the anesthesia industry and typically the subject of aggressive competition. The agreements with Care Plus allegedly removed the need for competition on quality and price, to the detriment of patients and federal health care programs. The government further alleged that subsidized drugs and supplies were used to lure outpatient surgery centers into exclusive agreements by lowering the costs of performing surgery. The original lawsuit was a qui tam filed by a relator, who received $1.3 million from the settlement. Significantly, the defendants have not admitted any of the allegations, and the settlement is not a determination of liability. This is an important distinction as defendants often seek settlement to avoid the cost of protracted litigation and trial despite remaining steadfast that they have not acted unlawfully in any way.

In its press release, the government emphasized the importance of doctors selecting the recipients of referrals based on the needs of the patient and the quality of the referred provider rather than the expectation of a monetary return for such referrals. This is one of the policy considerations underlying the Anti-Kickback Statute and the Stark Law. Patients, and as a corollary, the federal healthcare programs funding a patient’s treatments, benefit and are better served when their physicians do not have financial interests that could conflict with the provision of the best care possible. Georgia’s Attorney General, Chris Carr, echoed concerns that such financial arrangements undermine the public’s trust in the healthcare system.

Since the CARES Act was enacted, Chilivis Grubman has reported on government efforts to curtail fraud related to COVID-19 relief funds provided by the CARES Act. Between 2020 and the early parts of 2021, the government frequently reported on its investigations related to COVID-19 relief fund fraud. In mid-to-late 2021, the government reported indictments and guilty pleas in COVID-19 relief fraud cases. From late 2021 to the present, the government has been reporting the sentencing of individuals that defrauded COVID-19 relief programs. And these sentencing reports are becoming more frequent. Such is the case for a 24-year-old Texas woman.

On April 7, 2022, the U.S. Department of Justice reported that Lola Shalewa Barbara Kasali of Houston, Texas was sentenced to federal prison for 5 years and 10 months (70 months) for defrauding a COVID-19 relief program. According to the press release, Ms. Kasali submitted two fraudulent PPP loan applications on behalf of her two companies. She sought over $3.8 million in PPP loan funds and received over $1.9 million in PPP loans. The government noted that the money Ms. Kasali received was seized.

According to the press release, Ms. Kasali engaged in acts frequently reported in other PPP schemes. Specifically, Ms. Kasali submitted fraudulent tax records and made misrepresentations related to the number of individuals she employed and the payroll expenses for her companies. Ms. Kasali’s scheme was investigated by several government agencies, including the Federal Housing Finance Agency, the U.S. Postal Inspection Service, and the Small Business Administration. Ms. Kasali’s case makes clear the government’s continued willingness to engage in cross-agency collaborations in its enforcement efforts; such collaboration likely will continue.

Because of the government’s efforts, a federal jury found Ms. Kasali guilty of two counts of bank fraud and two counts of making false statements.

The Department of Justice just announced that an Illinois man, Devontae Stokes, admitted to fraudulently obtaining unemployment insurance benefits (“UIB”) while incarcerated at a New Jersey federal correctional institution. According to court documents, from April 2020 to December 2020, Stokes and his conspirators devised a scheme to use the personal identification information (“PII”) of several individuals to secure unemployment insurance benefits provided through the 2020 Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”).

The CARES Act created the Pandemic Unemployment Assistance (“PUA”) program to provide assistance to individuals who were self-employed, independent contractors, and not eligible for traditional unemployment insurance benefits. The Federal Pandemic Unemployment Assistance (“FPUA”) program provided an additional $600 per week to the foregoing individuals. Stokes and his conspirators communicated via wire to devise their scheme to exploit the PUA and FPUA programs, submit several UIB claims, and obtain over $140,000 in benefits from State Workforce Agencies.

On April 7, 2022, Stokes pleaded guilty to conspiring to commit wire fraud and he faces up to 20 years in prison, a fine of at least $250,000, and forfeiture pursuant to Title 18, United States Code, Section 981(a)(l)(C), and Title 28, United States Code, Section 2461(c). Stokes is scheduled to be sentenced on August 23, 2022.

On April 1, 2022, the Department of Justice announced a Missouri based non-profit, Preferred Family Healthcare (“PFH”), admitted to the misuse and misappropriation of federal funds designated for healthcare services. PFH received most of its funding from Medicaid reimbursement to provide mental and behavioral treatment for individuals in Missouri, Arkansas, Kansas, Oklahoma, and Illinois. However, PFH’s former employees and executives participated in a fraud and bribery scheme that misused millions in public tax dollars.

According to the terms of their non-prosecution agreement, PFH’s former executives and employees embezzled millions from charities and bribed several Arkansas elected officials. PFH will forfeit more than $6.9 million to the federal government and pay more than $1.1 million in restitution to the state of Arkansas. They previously reached a $6.5 million False Claims Act settlement with the state of Arkansas in October 2020. PFH’s initial settlement came after their therapists fraudulently billed millions for purported counseling services to mentally ill patients.

Several of PFH’s former executives and employees, along with former members of Arkansas’ state legislature, have pleaded guilty to bribery and embezzlement charges in separate criminal cases. PFH’s former chief operating officer and chief financial officer pleaded not guilty after being indicted by a federal grand jury in 2019, and the duo currently awaits trial. Tyler Hatcher, Special Agent in Charge of IRS-Criminal Investigation, declared that they “[…] will continue to work diligently to uncover large frauds designed to divert funds that were meant to help those in need of medical services […].”

The Department of Justice just announced that California man, Robert Benlevi, was convicted by a federal jury of bank fraud, false statements to a financial institution, and money laundering for his role in a $27 million Paycheck Protection Program (“PPP”) fraud scheme. Benlevi’s conviction comes less than one month after Kevin Chambers, Chief Prosecutor for COVID-19 Fraud Enforcement Task Force, vowed to aggressively pursue and prosecute those who illegally obtained funds from PPP loans and other pandemic relief benefits.

According to the Department of Justice, Benlevi submitted 27 PPP applications and sought over $27 million in assistance. Benlevi claimed that each of his eight companies had 100 employees with average monthly payrolls of $400,000. However, none of these businesses had employees or payroll expenses. Three of Benlevi’s companies received $3 million in assistance and he used the PPP funds for personal expenses, including personal credit card payments and an oceanfront home. The evidence also showed that Benlevi submitted false documents to the IRS where he purported each of his companies had annual payrolls of $4.8 million.

Benlevi currently awaits sentencing where he faces up to 30 years in prison for each of the bank fraud and false statement charges. He also faces up to 10 years in prison for each count of money laundering. Thousands of civil and criminal cases against individuals and entities have been brought since the Attorney General established the COVID-19 Fraud Enforcement Task Force. It is estimated that over $1 billion in COVID-19 benefits have been fraudulently obtained.

On February 24, 2022, ARcare experienced a data security incident, according to ARcare’s Notice of Data Privacy Incident. ARcare is a healthcare provider with locations in Arkansas, Kentucky, and Mississippi. ARcare provides numerous services, such as primary care, behavioral health, pharmacies, and community outreach programs. As a federally qualified health center, ARcare also provides discounted rates for medical care.

According to ARcare’s Notice, the incident affected its computer systems and disrupted services temporarily. And according to the Breach Portal maintained by the U.S. Department of Health and Human Services Office of Civil Rights (OCR), ARcare reported that the data breach potentially affected 345,353 individuals. ARcare’s Notice explained that it started an investigation, which determined that “an unauthorized actor may have accessed and/or acquired some sensitive data…” After reviewing the contents of the affected data, ARcare determined that the affected files contained personal information, including names, state identification numbers, dates of birth, financial information, Social Security numbers, medical diagnoses or condition information, medical treatment information, and other personal information. ARcare noted that the exposed information varies based on the patient. While the alleged unauthorized actor potentially had access to ARcare’s system between January 18, 2022, and February 24, 2022, ARcare is unaware of actual or attempted misuse of the exposed information because of the incident, according to its Notice. Nonetheless, ARcare reports it is investigating additional security measures to reduce risks associated with the incident.

ARcare’s data incident is unfortunate for the company and the potentially affected individuals. And data breaches, despite best efforts, continue to be a significant problem for most, if not all, companies and individuals. A review of the OCR breach portal reflects several reported incidents that potentially affect hundreds of thousands of individuals. One of the first reported incidents in 2022 was field by Broward Health, which noted over 1.3 million potentially affected individuals. Adaptive Health Integrations and Magnolia Regional Health suffered data incidents and reported over 510,000 and 490,000 potentially affected individuals, respectively. These are just a few examples of data incidents affecting large swaths of individuals in 2022 thus far.

Data incidents continue to increase in frequency and impact. Chilivis Grubman attorneys discussed the HIPAA Journal’s December 2021 Healthcare Data Breach Report, which highlighted that 2021 had approximately 70 more data breaches than 2020. The HIPAA Journal also reported that OCR data indicated that 45.7 million healthcare records were exposed in 2021, which may be the second-highest number of exposed records in the last 12 years.

The DOJ just announced that Donald Woo Lee, a former internal medicine doctor from Temecula, California, was sentenced to 93 months in prison for defrauding Medicare. In June of 2016, Lee was charged with seven counts of health care fraud and one count of adulteration of a medical device. According to court documents, Lee recruited Medicare patients and falsely represented that they needed vein ablation procedures, even when they did not display the specific symptoms. In turn, he began submitting claims to Medicare for medically unnecessary vein ablation procedures. Lee also engaged in “upcoding” by using inappropriate billing codes to receive higher reimbursements for the procedures he performed.

In October of 2019, a federal jury found Lee guilty of health care fraud and adulteration of a medical device. The evidence showed that Lee submitted claims for over $12 million and received over $4.5 million from Medicare. It was also proven that he reused contaminated “ClariVein” catheters on his patients. In addition to 93 months in prison, Lee was sentenced to three years of supervised release and ordered to pay Medicare more than $4.5 million in restitution.

Lee began his medical career in 1995. He owned and operated several clinics in the Los Angeles and Riverside areas.

On April 28, the Department of Justice announced that Robert Sabet, a New York pharmacy owner, pleaded guilty to conspiracy to commit health care fraud and engaging in unlawful financial transactions. In total, Sabet is alleged to have amassed $6.8 million from fraudulent conduct.

According to court documents, Sabet is the owner of two New York City pharmacies that were accused of conspiring to bill Medicare and Medicaid for “expensive” prescription drugs that were not needed by patients, were dispensed in connection with kickbacks, or, in some cases, not dispensed at all. As part of the conspiracy, Sabet and others were said to have paid kickbacks and bribes to customers to convince them to fill prescriptions at his pharmacies. The government also accused Sabet of paying customers cash in exchange for the ability to bill Medicare and Medicaid for over-the-counter health care-related products on their behalf.

Sabet pleaded guilty to conspiracy to commit health care fraud and to committing unlawful financial transactions. Sabet’s sentencing is scheduled for July 29, and he faces a maximum penalty of 10 years in prison. The Criminal Division’s Fraud Section and Assistant U.S. Attorney Brendan King for the Eastern District of New York are prosecuting the case.

On April 28, the Securities and Exchange Commission announced that it had reached a settlement with Medley Management, a publicly-traded asset manager, and its former co-CEOs in connection with charges brought by the SEC alleging that Medley Management had made misrepresentations to investors concerning its future growth potential. In order to resolve the allegations, Medley Management and the two individual defendants agreed to pay $10 million in civil penalties to the SEC.

The SEC alleged that, over the past 5 years, Medley Management overstated its assets under management. These overstatements were included in public filings, including bond offerings. Medley Management allegedly made the overstatements by including “committed capital” within its assets under management, despite the fact that the clients from whom the capital was pledged allegedly did not have an obligation to invest with Medley Capital at all and allegedly did not invest with Medley Management very often. The SEC alleged that Medley Management misrepresented the amount of risk involved with funds because they did not disclose the risk that a substantial amount of capital that was included under “committed capital” may not ever be invested with Medley Management. As a result, the SEC alleged that Medley Management could never generate fees from that capital, which was necessary for the growth of the company.

The SEC also alleged that the former co-CEOs provided positive projections of Medley Management’s future growth despite the fact that they had no reasonable basis to make those assertions. The projections were allegedly made in connection with a plan to sell Medley Management to clients and secure well-paying jobs for the co-CEOs. The projections were allegedly included in proxy materials, which were sent to investors to encourage them to vote in favor of the sale.

The defendants agreed to a consent order finding that the defendants had violated the antifraud provisions of the federal securities laws as well as the reporting and books and records provisions of the securities laws. The defendants agreed to pay $10 million to resolve the allegations; however, they do not admit or deny the SEC’s findings.