Department of Justice Settles First False Claims Act Case Under its Civil Cyber-Fraud Initiative
Client Alert | 2 min read | 03.14.22
On March 8, 2022, the Department of Justice (“DOJ”) announced that Comprehensive Health Services LLC (“CHS”) agreed to pay $930,000 to resolve allegations that it violated the False Claims Act (“FCA”). DOJ alleges that CHS falsely represented to the State Department and Air Force that it complied with contract requirements relating to the secure storage of medical records under its contracts to provide medical services at government facilities overseas. CHS did not admit to liability in the settlement agreement.
CHS is a provider of medical solutions, including global medical services, that contracted with the State Department and Air Force to provide medical support services at government facilities in Iraq and Afghanistan. The FCA allegations stem from CHS’s purported failure to properly and securely store medical records containing “identifying information” and false representations regarding controlled substances provided under those government contracts. CHS submitted claims for the cost of a secure electronic medical record (“EMR”) system to store medical records, including the confidential identifying information of service members, officials, and contractors receiving medical care in Iraq. DOJ alleges that, between 2012 and 2019, CHS failed to disclose that staff would scan records into the EMR system and leave records on an internal network drive that was not secure and was accessible to non-clinical staff. CHS also failed to take adequate steps to store the information after staff raised concerns about the privacy of the identifying information.
DOJ also alleges that, between 2012 and 2019, CHS did not have the necessary Drug Enforcement Agency license to export controlled substances to Iraq, and falsely represented that unapproved substances provided under the contracts were approved by the Food and Drug Administration or European Medicines Agency.
The settlement resolves two cases brought under the whistleblower provisions of the FCA: United States ex rel. Lawler v. Comprehensive Health Servs., Inc. et al., Case No. 20-cv-698 (E.D.N.Y.), and United States ex rel. Watkins et al. v. CHS Middle East, LLC, Case No. 17-cv-4319 (E.D.N.Y.). Under the terms of the settlement agreement, CHS will also pay more than $500,000 in attorney’s fees to the relators.
This is the first FCA settlement under the DOJ’s Civil Cyber-Fraud Initiative and will certainly not be the last. As we previously predicted, we expect DOJ’s announcement of the initiative five months ago to lead to an uptick in FCA investigations, settlements, and litigation concerning cybersecurity issues and increased interest by those in the relator’s bar for qui tam actions. Notably, this settlement suggests that DOJ will not limit its enforcement actions to a contractor’s failure to satisfy its obligations under the standard Federal Acquisition Regulation or Defense Federal Acquisition Regulations safeguarding clauses, but will broadly consider noncompliance with other information and data security provisions to be an appropriate hook for FCA liability.
Contacts
Insights
Client Alert | 3 min read | 12.10.24
Fast Lane to the Future: FCC Greenlights Smarter, Safer Cars
The Federal Communications Commission (FCC) has recently issued a second report and order to modernize vehicle communication technology by transitioning to Cellular-Vehicle-to-Everything (C-V2X) systems within the 5.9 GHz spectrum band. This initiative is part of a broader effort to advance Intelligent Transportation Systems (ITS) in the U.S., enhancing road safety and traffic efficiency. While we previously reported on the frustrations with the long time it took to finalize rules concerning C-V2X technology, this almost-final version of the rule has stirred excitement in the industry as companies can start to accelerate development, now that they know the rules they must comply with.
Client Alert | 6 min read | 12.09.24
Eleven States Sue Asset Managers Alleging ESG Conspiracy to Restrict Coal Production
Client Alert | 3 min read | 12.09.24
New York Department of Labor Issues Guidance Regarding Paid Prenatal Leave, Taking Effect January 1
Client Alert | 4 min read | 12.06.24