Affiliates of Kaiser Permanente, the healthcare consortium headquartered in Oakland, have agreed to pay $556 million to resolve allegations that they violated the federal False Claims Act by submitting invalid diagnosis codes for their Medicare Advantage Plan enrollees in order to receive higher payments from the government. The civil settlement includes the resolution of certain claims brought in lawsuits under the whistleblower provisions of the False Claims Act by Ronda Osinek and Dr. James M. Taylor, former employees of Kaiser Permanente.
Investigations into alleged violations of cybersecurity requirements under the federal civil False Claims Act (FCA) and its state analogues are increasingly an area of focus for the U.S. Department of Justice (DOJ), state attorneys general and whistleblowers (known as qui tam plaintiffs or relators under the FCA). We expect a continued uptick in enforcement activity, leading to elevated risk and additional potential financial exposure for companies subject to government cybersecurity requirements.