51 JFK Parkway, Short Hills, NJ 07078
Healthcare Defense Glossary

OIG self-disclosure

The HHS-OIG Self-Disclosure Protocol (SDP) is the formal mechanism by which a healthcare provider can voluntarily disclose conduct potentially violating federal healthcare program rules to OIG. The disclosure is made under a defined protocol, OIG investigates, and the matter resolves through a negotiated settlement, typically at a multiplier of single damages substantially below FCA trial exposure. SDP resolution often avoids exclusion and the parallel False Claims Act litigation that otherwise might follow.

How OIG self-disclosure works

The provider conducts an internal investigation to scope the conduct, quantify the dollar exposure, and decide whether disclosure is appropriate. The decision is binary and time-limited: once made, the disclosure must be submitted to OIG under the SDP's specific format and content requirements, including detailed factual disclosure, legal analysis, damages quantification, corrective action description, and a statement of cooperation. OIG reviews the submission, often requests follow-up information, and negotiates settlement.

Settlement under SDP is typically expressed as a multiplier of single damages: 1.5x is the OIG-published presumptive minimum, with higher multipliers for aggravating factors. By contrast, FCA litigation exposure is treble damages plus per-claim penalties, often resulting in 4x to 6x single damages or more. Resolution under SDP also typically avoids exclusion and may avoid a Corporate Integrity Agreement. The Self-Referral Disclosure Protocol (SRDP) is a parallel CMS mechanism specific to Stark Law technical violations.

When OIG self-disclosure applies

SDP is available to providers, suppliers, and other entities that submit claims to federal healthcare programs and have identified conduct potentially violating FCA, AKS, the Civil Monetary Penalties Law, or other OIG-enforced provisions. Stark Law technical violations go through CMS's SRDP rather than OIG's SDP. The protocol is most often used for AKS-tainted relationships (free goods, improper consulting arrangements, equity arrangements that fail safe harbor), employment kickback patterns, billing patterns identified through internal audit, and inherited compliance issues identified in M&A diligence.

The provider's exposure under OIG self-disclosure

Disclosure converts an uncertain exposure into a defined one. The trade-off: the provider gives up the possibility of non-discovery (which is often a thin reed, especially given qui tam dynamics) in exchange for a likely lower-multiplier settlement, reduced exclusion risk, and the strategic positioning of cooperation. The defense framework focuses on the scoping work that precedes the disclosure decision, the damages quantification (which OIG often accepts but verifies), the cooperation posture during OIG review, and the parallel state Medicaid disclosure obligations that may apply.

Related terms

See also