HITECH Violations Do Not Support FCA Liability, Affirms Sixth Circuit Court of Appeals

Wednesday, April 27, 2016
By Miles Indest, J.D./M.B.A candidate at Tulane University, Law Clerk, The Health Law Firm

On March 7, 2016, the United States Court of Appeals for the Sixth Circuit confirmed that individual Health Information Technology for Economic and Clinical Health Act (HITECH) violations do not support allegations under the False Claims Act (FCA). U.S. ex rel. Sheldon v. Kettering Health Network, 2016 WL 861399 (6th Cir. Mar. 7, 2016).

A qui tam relator claimed that her ex-husband had improperly retrieved electronic protected health information (e-PHI) of her and other family members in violation of HITECH. According to the relator, Kettering Health Network (KHN) failed to protect her e-PHI and violated the FCA by falsely asserting compliance with HITECH to receive payments exceeding $75 million.

HITECH Provides Incentive Payments To Providers That Implement EHR Technology.

HITECH creates incentive payments for certain health care providers to encourage the implementation of electronic health record (EHR) technology. KHN, which certified compliance with HITECH on a yearly basis, informed the relator through two letters that KHN employees had improperly accessed her e-PHI. An internal KHN investigation revealed that the relator’s former husband and other employees had accessed her protected information on several occasions. The relator alleged that these incidents detailed in KHN’s two letters constituted violations of HITECH
and proved that KHN had falsely asserted HITECH compliance.

HITECH Requires “Reasonable and Appropriate,” Not Perfect, Security.

Rejecting the relator’s claims, the Sixth Circuit determined that individual incidents of improper e-PHI access does not constitute a violation of HITECH, because HITECH “does not impose a strict liability regime.” Instead, HITECH requires that health care providers “have reasonable and appropriate processes and procedures in place to prevent, detect, contain, and correct security violations.” Thus, HITECH compliance is not determined by an absence of security breaches, but by a provider’s “process of analyzing and reviewing security policies and procedures.”

Notably, the relator’s own allegations indicated to the Court that KHN had policies and procedures in place. The fact that KHN even sent letters to the relator informing her of the breaches reflected that KHN had implemented procedures to detect and investigate unauthorized e-PHI access. Because the relator failed to adequately prove that KHN had made a “false statement” regarding HITECH compliance, the Sixth Circuit ultimately dismissed the relator’s FCA claim.

Contact Health Law Attorneys Experienced with False Claims Act, Qui Tam or Whistleblower Cases.

Attorneys with The Health Law Firm also represent health care professionals and health facilities in False Claims Act, qui tam or whistleblower cases. We have developed relationships with recognized experts in health care accounting, health care financing, utilization review, medical review, filling, coding, and other services that assist us in such matters.

If you are a health professional and you know your employer or company is committing fraud, remember this is your taxpayer money being stolen. You could receive a big reward such as Janet Halpin did in this case ($24 million), if you come forward with actual evidence that false claims have been submitted. However, remember that you must have actual documentary evidence that there were actual false claims submitted to the government. Call us if you need guidance or assistance in this.

On the other hand, if you are a health care business, organization, medical group or institution and you have a False Claims Act suit or claim made against you, we are available to defend such cases. It is difficult for a whistleblower to prove a false claims case and we have successfully defended these.

To contact The Health Law Firm, please call (407) 331-6620 or (850) 439-1001 and visit our website at www.TheHealthLawFirm.com.

About the Author: Miles Indest, J.D./M.B.A. candidate, will graduate in May 2016 from Tulane University Law School and the Freeman School of Business. He has served three years as a member of Tulane Law Review, and currently serves as the Writing Skills Chair of Tulane Moot Court.


Brian F. McEvoy. “Sixth Circuit Appeals Court Confirms that HITECH Violations Do Not Violate FCA.” National Law Review. (2016). Web.

KeyWords: HITECH, false claims, Medicare false claims, False Claims Act (FCA), electronic protected health information (e-PHI), electronic health record (EHR), Medicare, Medicare fraud, Medicare audit, whistleblower, qui taim, qui tam suits, qui tam relator, whistleblower attorney, whistleblower lawyers, whistleblower protection, legal representation, False Claims Act attorney, False Claims defense lawyer, Health lawyer, health law, The Health Law Firm

The Health Law Firm" is a registered fictitious business name of George F. Indest III, P.A. - The Health Law Firm, a Florida professional service corporation, since 1999. Copyright © 2016 The Health Law Firm. All rights reserved.

Like this blog? Add your public comments:

Items in bold indicate required information.