Due Diligence in Health Care Transactions

Mergers, acquisitions and joint ventures are complicated transactions and transactions in heavily regulated industries, such as health care, are especially complex. Whether an acquisition, merger or joint venture, due diligence is a necessary component of any health care transaction. “Due diligence” is a broad term that describes information gathering and investigation of the other party and its business operations. A due diligence review serves several purposes, including:

• Identifying and assessing risks related to the other party, the operations of the other party and/or the transaction;

• Evaluating the strengths and weaknesses of the other party and its business;

• Determining a realistic value/price for the transaction; and

• Identifying issues that must be addressed prior to closing or in the transaction documents.

In general, the due diligence review should identify any gaps in compliance with applicable health care laws and regulations; identify corrective action measures; and mitigate liability exposure. Because the health care industry is one of the most heavily regulated industries in the nation, due diligence is especially important in health care transactions. The federal government takes a very active role in the regulation of health care providers with a variety of agencies, including the Centers for Medicare and Medicaid Services (CMS) and the Office of Inspector General of the Department of Health and Human Services (OIG). In addition, CMS utilizes a number of program integrity contractors, including recovery audit contractors, to identify errors, fraud and abuse. The complicated regulatory schemes and active enforcement makes thorough health care due diligence imperative. As discussed in more detail below, a transaction involving a health care company requires due diligence in areas that are not present in other industries.

Governmental/CMS

Provider Agreements. One of the most significant sources of income for a health care provider is the federal Medicare program. CMS pays providers via a Medicare Provider Agreement (provider agreement) and the buyer should verify that all provider agreements are current and in full effect. If, as a result of the transaction, the buyer assumes the seller’s provider agreement, it also assumes all potential liabilities that may exist under the provider agreement, including plans of correction, Medicare sanctions and penalties, and payment adjustments to the buyer to collect civil monetary penalties (which can be significant). The buyer also assumes the obligation to repay to CMS any past overpayments that may have been received under the provider agreement, regardless of the fact that the buyer did not receive the original funds. Therefore, the buyer should thoroughly review the billing and coding practices of the seller.

License and Certificate of Need. If the state requires the seller to have a license and/or certificate of need (CON) to operate its business, the buyer should determine whether the license and CON can be transferred to it and the steps necessary to achieve such transfer. The ability to transfer a license or CON, and the steps necessary to do so, varies from state to state. Without a license or CON, the acquired entity may not be able to render services or be reimbursed for such services.

Change of Ownership. The buyer should determine if the transaction will result in a change of ownership (CHOW) for Medicare purposes or under applicable state laws. A CHOW has numerous regulatory implications, the most important of which relates to the payment stream from Medicare received by the health care company under its provider agreement and the possible interruption or cessation of that payment stream. In addition, a CHOW can impact Medicaid, licenses and CON. While the specific requirements vary by state, state licensure agencies must be notified of the CHOW and often advance notice prior to closing (often 30 days) is required. Failure to provide advance notice can result in fines, penalties and even refusal to issue a license (depending on the state). If the facility is subject to a CON, a review of the CHOW or a new CON application may be required by the state (which can be an expensive and lengthy process).

Copies of state survey and inspection reports should be obtained and reviewed. Special attention should be paid to statements of deficiencies and plans of correction. The seller also should be required to provide a listing of all pending or ongoing governmental investigations and audits and a summary of the nature of the investigation or audit. The buyer should determine whether it is a routine audit or a targeted audit that could potentially lead to recoupment.

Compliance and Regulatory Issues

While compliance and regulatory issues may vary depending on the transaction, the following four items should be subject to extensive due diligence in the acquisition of any health care company:

• Compliance program

• Arrangements with physicians and other referral sources

• Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act

• Excluded parties

Compliance Program. Does the other party have a compliance program that is in accordance with guidance from CMS and federal sentencing guidelines? The other party’s compliance program should be reviewed and evaluated, including the

• Role, job description, and standing of the chief compliance officer in the organization’s structure;

• Training and education of staff;

• Compliance office budget and process for approval;

• Review of compliance reports and;

• Degree and evidence of active board and executive-level oversight of corporate compliance.

Arrangements With Physicians and Other Referral Sources

The other party’s existing agreements and relationships should be reviewed for compliance with the numerous regulatory schemes designed to prevent fraud and abuse, including the anti-kickback statute (AKS) and the Stark law. The AKS makes it a crime to knowingly and willfully offer or receive remuneration to induce or reward referrals of items or services which are reimbursable by Medicare, Medicaid or any other federally funded health care program. The Stark law prohibits physicians from making referrals to an entity for designated health services payable by Medicare if the physician or an immediate family member has a financial relationship with the entity to which the physician refers, unless an exception to this prohibition applies. Therefore, particular attention should be paid to any arrangement with a referral source, especially physicians.

While there are varying requirements depending on the type of arrangement, any agreement with a referral source must be in writing, signed by all parties and not expired. The arrangement also should be “commercially reasonable” (i.e. a sensible, prudent business arrangement). In addition, any compensation or rent pursuant to an agreement with a referral source must be fair market value (FMV). Ideally, the FMV of such rent or compensation was established by an independent third party valuation expert or derived from national benchmarks prior to execution of the agreement. Each agreement should be reviewed to determine if it is compliant with AKS and the Stark law, and some agreements may need to be rejected.

HIPAA and HITECH

Another high-risk area with significant liability exposure involves protected health information under HIPAA and HITECH. For over a decade, HIPAA has required health care entities to guard “protected health information.” Protected health information is individually identifiable health information that can be linked to a particular person (e.g. names, Social Security numbers, addresses, and birth dates). Under the HITECH Act, business associates now are subject to HIPAA privacy and security requirements. A buyer should conduct due diligence to determine if there are any HIPAA risks, as they can result in significant financial penalties. For example, are there written agreements with each business associate? If so, are the agreements in compliance with HIPAA requirements?

Excluded Parties

The OIG has the authority to exclude individuals and entities from federally funded health care programs and it maintains a list of excluded parties. ¹The list is available at http://exclusions.oig.hhs.gov/. To avoid potential penalties and repayment of funds collected for services provided by an excluded party, the buyer must verify that none of the individuals it will hire as a result of the transaction are prohibited from billing Medicare/Medicaid or listed as excluded parties.

Clinical and Operational

Acquiring or joint venturing with a company involves not only an evaluation of the financial issues, but also the compatibility of the two companies. While that is true in almost any transaction, in health care there are additional issues. For example, do the companies have a similar or compatible culture and mission? This is especially important in transactions between for-profit and nonprofit entities.

The future of health care is to reward those who provide high quality, cost efficient service. Therefore, the buyer or joint venture partner should evaluate the quality of care provided by the other party and its efficiency in providing services.

A transaction involving a health care company can involve unique issues, such as:

• If one party is religious based, are there ethical and religious directives that must be adhered to and are these agreeable to the other party?

• How will the transaction affect each party’s business and its patients?

• Will clinical outcomes and continuity of care improve as a result of the transaction?

• Will the transaction improve patient satisfaction?

Special attention should be paid to information technology (IT). All IT contracts should be reviewed, and whether the systems are compatible and the costs to consolidate should be determined. Is the other party’s IT system adequate and in compliance with health care requirements (e.g. HIPAA)? How will the integration of the IT systems occur? If the company wants to participate in an accountable care organization, there are special requirements that must be met. An ACO requires providers to share clinical data with each other. In addition, ACOs require electronic health records, data management, and personal health records. Whether the other party’s IT system is capable of meeting these requirements should be determined.

Specific Traps for the Unwary

While the items discussed above occur in most health care transactions, the ones discussed below are not as prevalent, but are of crucial importance when they are present.

Antitrust. Antitrust is a body of law designed to promote economic competition. The antitrust laws therefore forbid the acquisition or preservation of monopoly power, including mergers and acquisitions that are sufficiently large to constitute a threat to competition.

While other industries may be seeing less antitrust enforcement, the health care industry is experiencing an increase. Controlling health care costs is one of the most important economic goals of the government, and applying antitrust laws to the health care industry is viewed as one way to cut costs.

Two health care companies can combine their operations (by merger, acquisition or joint venture) only if their combination does not undermine competition or result in a monopoly in the market. Some combinations are sufficiently large that advance approval is required. However, smaller transactions that do not require advance approval might later be challenged in court on the grounds that the transaction has resulted in excessive market power for the combined operation or has otherwise stifled competition. In general, the risk tends to be greatest in small and medium size communities that are dominated by one or two providers/health care systems. For example, on Jan. 24, a federal judge sided with the Federal Trade Commission, ruling that St. Luke’s Health System, Idaho’s largest health system, St. Luke’s Health System, violated antitrust law with its 2012 acquisition of one of the largest independent multi-specialty groups in the state. ²The memorandum decision and order can be found at http://www.ftc.gov/sites/default/files/documents/cases/140124stlukesmemodo.pdf. The combined entity included 80 percent of the primary care physicians in the market. What is noteworthy is that the acquisition was intended to improve patient outcomes and the court was “convinced that it would have that effect if left intact.” However, the court found that it was highly likely that the combined entity’s dominant market position would enable it to (1) negotiate higher reimbursement rates and (2) raise rates for services. The ruling, which is being appealed by St. Luke’s, stated there were other ways to achieve improved patient outcomes that do not run a risk of increased costs, and required that the transaction be unwound. Given the expense of fighting an antitrust lawsuit and the potential cost of unwinding a transaction, it is imperative that any antitrust issues are thoroughly vetted.

Nonprofit Conversions

When a nonprofit entity is acquired by a for-profit company, there often are state regulatory requirements that must be satisfied before the transaction can close. Numerous, but not all, states have laws governing the sale of nonprofits to for-profit buyers, and buyers should understand the effect these laws will have on the transaction. Generally, these conversion laws include provisions for public disclosure of the transaction, fair valuation of the charitable assets of the facility or hospital, and assurances that the proceeds of the transactions will continue to be used to provide community benefits. The acquisition and conversion to for-profit often must be approved by the state attorney general. While the process and requirements for approval vary from state to state, buyers should be aware of the specific requirements (if any) for their acquisition and should contact the applicable agency that has approval power early on to gauge if there are any issues regarding the transaction. The review and approval process can be lengthy and buyers need to plan accordingly.

Joint Ventures Between a Nonprofit and a For-Profit

Nonprofits frequently enter into joint ventures (JVs) with for-profit entities to further their exempt purposes or enhance their economic performance. These JVs involve vital issues regarding the nonprofit’s ability to retain its tax-exempt status and generally are either (1) whole entity or whole hospital JVs where the nonprofit contributes all or a substantial portion of its assets and operations to the JV entity or (2) ancillary JVs where an insubstantial part of the nonprofit’s assets and operations are contributed to the JV entity.

The issue of which party controls the JV is one that usually requires a lot of negotiation and is a crucial issue when a nonprofit is involved. If the JV will comprise a substantial part of the nonprofit’s total activities, the JV must further the nonprofit’s exempt purpose and the nonprofit must retain effective control of the JV. ³Rev. Rul. 98-15, 1998-12 IRB, http://www.irs.gov/pub/irs-drop/rr-98-15.pdf. Please note that the IRS has not defined “substantial” or “insubstantial,” and counsel experienced in this area should be consulted when structuring the JV. For the nonprofit to have control, it should have actual, effective control of the JV, which is determined by taking all factors into account. At a minimum, the governing document should (i) include a charity purpose override (stating that the charitable purpose of the JV overrides the need to make a profit) and (ii) provide that the nonprofit has voting control of the board.

If the JV will comprise an insubstantial part of the nonprofit’s total activities, a JV can be formed on terms that are considerably less restrictive, without jeopardizing the nonprofit’s tax-exempt status. Generally, the nonprofit is not required to have voting control of the board and the charitable purpose override is not required. While control of an ancillary JV continues to be important, there is greater flexibility in the control requirements for an ancillary JV.

Regardless of whether the JV is a substantial or insubstantial part of the nonprofit’s total activities, any JV between a nonprofit and for-profit should contain the following:

• a prohibition preventing the JV from acting contrary to the purposes of the nonprofit or in a manner that jeopardizes the nonprofit’s tax-exempt status;

• a narrow purposes clause for the JV that furthers the purposes of the nonprofit, and;

• all transactions with the JV must be conducted on an arm’s-length basis consistent with FMV.

Transferring assets or operations to a JV or allowing nonexempt parties to buy into the JV for less than fair market value may jeopardize the tax-exempt status of the nonprofit. An independent valuation of the terms related to the formation of, and contributions to, the JV should be obtained.

Conclusion

It is extremely important that a buyer of a health care company perform thorough health care due diligence. In many transactions, issues will be identified that are likely to not only avoid future liability, but allow the parties to resolve issues prior to closing or address them in the transaction documents via representations and warranties, escrow/holdback of purchase price, and indemnification provisions.