Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims

Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims

Tuesday, November 1, 2022

Modernizing Medicine Inc. (ModMed), an electronic health record (EHR) technology vendor located in Boca Raton, Florida, has agreed to pay $45 million to resolve allegations that it violated the False Claims Act (FCA) by accepting and providing unlawful remuneration in exchange for referrals and by causing its users to report inaccurate information in connection with claims for federal incentive payments.

The Anti-Kickback Statute prohibits anyone from offering or paying, directly or indirectly, any remuneration — which includes money or any other thing of value — to induce referrals of items or services covered by Medicare, Medicaid and other federally funded programs. In a complaint filed in conjunction with today’s settlement, the United States alleged that ModMed violated the FCA and the Anti-Kickback Statute through three marketing programs: First, ModMed solicited and received kickbacks from Miraca Life Sciences Inc. (Miraca) in exchange for recommending and arranging for ModMed’s users to utilize Miraca’s pathology lab services. Second, ModMed conspired with Miraca to improperly donate ModMed’s EHR to health care providers in an effort to increase lab orders to Miraca and simultaneously add customers to ModMed’s user base. Third, ModMed paid kickbacks to its current health care provider customers and to other influential sources in the healthcare industry to recommend ModMed’s EHR and refer potential customers to ModMed. 

“Electronic health records serve a critical role in informing physician decision making, and it is therefore essential that health care providers select such technology free from the influence of improper financial inducements,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Department of Justice’s Civil Division. “Vendors of electronic health records will be held to the same standards of compliance that we expect of everyone who provides health care services.”

“Today’s settlement marks the fourth resolution that our office has achieved as we seek to root out fraud in the electronic health record technology field,” said U.S. Attorney Nikolas P. Kerest for the District of Vermont. “It is imperative that medical providers be able to trust the health record systems with which they document important and sensitive patient information, and for too long electronic health record vendors have prioritized only sales. The government alleges that for years, ModMed, through a variety of schemes, engaged in illegal kickbacks that distorted both the EMR and pathology lab markets, in addition to providing its users with a deficient product. This resolution reflects the seriousness of the government’s allegations and the determination of the Department of Justice to restore integrity to the electronic health record field.”

As a result of this conduct, the government alleges that ModMed improperly generated sales for itself and for Miraca, while causing health care providers to submit false claims for reimbursement to the federal government for pathology services, and for incentive payments from the Department of Health and Human Services (HHS) for the adoption and “meaningful use” of ModMed’s EHR technology.

In January 2019, Miraca (now known as Inform Diagnostics) agreed to pay $63.5 million to resolve allegations that it violated the Anti-Kickback Statute and the Stark Law by providing to referring physicians subsidies for EHR systems and free or discounted technology consulting services. 2019 Press Release.

Additionally, under HHS’ EHR Incentive Programs, HHS offered incentive payments to health care providers that adopted certified EHR technology and met certain requirements relating to their “meaningful use” of that technology. Eligibility for incentive payments required health care providers to use certified EHR technology that, among other things, utilized certain standard vocabularies for drugs (RxNorm) and clinical terminology (SNOMED CT) in order to conduct certain transactions. The government’s complaint in intervention alleges that ModMed knew that its EHR did not always allow physician users to electronically record medical records using the required standard vocabularies, thereby causing certain of its users to submit false claims for incentive payments under that program.

The settlement with ModMed resolves, in part, allegations in a lawsuit filed in the District of Vermont by Amanda Long, a former Vice President of Product Management at ModMed. The lawsuit was filed under the qui tam, or whistleblower, provisions of the FCA, which permit private individuals to sue on behalf of the government for false claims and to share in any recovery. The qui tam case is captioned United States ex rel. Long v. Modernizing Med., Inc., No. 2:17-cv-179 (D. Vt.). The Act allows the government to intervene and take over the action, as it did in this case. As part of today’s resolution, Ms. Long will receive approximately $9 million.

The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the District of Vermont. The FBI and the Department of Health and Human Services, Office of Counsel to the Inspector General provided investigative assistance.

The investigation and pursuit of this matter illustrate the government’s emphasis on combating health care fraud, including in the healthcare technology arena. One of the most powerful tools in this effort is the FCA. Tips and complaints from all sources about potential fraud, waste, abuse, and mismanagement, can be reported to the Department of Health and Human Services at 800-HHS-TIPS (800-447-8477).

Assistant U.S. Attorney Lauren A. Lively for the District of Vermont and Trial Attorneys Kelley Hauser and Sarah Hill of the Civil Division’s Commercial Litigation Branch, Fraud Section handled this matter.


Pharmacy Chain Institutes New Safeguards for PHI in Pseudoephedrine Log Books Covered Entity: Pharmacies Issue: Safeguards A grocery store based pharmacy chain maintained pseudoephedrine log books containing protected health information in a manner so that individual protected health information was visible to the public at the pharmacy counter. Initially, the pharmacy chain refused to acknowledge that the log books contained protected health information. OCR issued a written analysis and a demand for compliance. Among other corrective actions to resolve the specific issues in the case, OCR required that the pharmacy chain implement national policies and procedures to safeguard the ...read more



Hospital Revises Email Distribution as a Result of a Disclosure to Persons Without a "Need to Know" Covered Entity: General Hospital Issue: Impermissible Use and Disclosure A complainant, who was both a patient and an employee of the hospital, alleged that her protected health information (PHI) was impermissibly disclosed to her supervisor. OCR’s investigation revealed that: the hospital distributed an Operating Room (OR) schedule to employees via email; the hospital’s OR schedule contained information about the complainant’s upcoming surgery. While the Privacy Rule may permit the disclosure of an OR schedule containing PHI, in this case, a hospital employee ...read more



Issued by: Office for Civil Rights (OCR) What if a HIPAA covered entity (or business associate) uses a CSP to maintain ePHI without first executing a business associate agreement with that CSP? Answer: If a covered entity (or business associate) uses a CSP to maintain (e.g., to process or store) electronic protected health information (ePHI) without entering into a BAA with the CSP, the covered entity (or business associate) is in violation of the HIPAA Rules.  45 C.F.R §§164.308(b)(1) and §164.502(e).  OCR has entered into a resolution agreement and corrective action plan with a covered entity that OCR determined ...read more



Large Medicaid Plan Corrects Vulnerability that Resulted in Disclosure to Non-BA Vendors Covered Entity: Health Plans Issue: Impermissible Uses and Disclosures; Safeguards A municipal social service agency disclosed protected health information while processing Medicaid applications by sending consolidated data to computer vendors that were not business associates. Among other corrective actions to resolve the specific issues in the case, OCR required that the social service agency develop procedures for properly disclosing protected health information only to its valid business associates and to train its staff on the new processes. The new procedures were instituted in Medicaid offices and independent ...read more

July 2026
SuMoTuWeThFrSa
1234
567891011
12131415161718
19202122232425
262728293031

Blog Home

Newest Blog Entries
1/21/25 Understanding Business Associate Agreements

11/12/22 Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims

11/12/22 Indian National Charged in $8 Million COVID-19 Relief Fraud Scheme

11/12/22 Former Hospital Employee Pleads Guilty To Criminal HIPPA Charges

11/12/22 Covered entities and those persons rendered accountable by general principles of corporate criminal liability may be prosecuted directly under 42 U.S.C. § 1320d-6

11/12/22 The Delaware Division of Developmental Disabilities Services Data Breach

11/12/22 OCR Settles Three Cases with Dental Practices for Patient Right of Access under HIPAA

11/12/22 HHS Issues Guidance on HIPAA and Audio-Only Telehealth

11/12/22 Five Former Methodist Hospital Employees Charged with HIPAA Violations

11/12/22 May a covered entity use or disclose protected health information for litigation?

11/12/22 When does the Privacy Rule allow covered entities to disclose protected health information to law enforcement officials?

Blog Archives
January 2025 (1)
November 2022 (54)

Blog Labels
PPP Fraud (1)
EHR Fraud (1)
Data Breach (1)
HIPAA Enforcement (3)
Covered Entity (40)
ePHI (2)
HIPAA (2)
Telehealth (1)
BAA (4)