CMS Proposes to Increase Reward for Reporting Medicare Fraud to $10 Million

Posted by Laurie K. Chisolm on May 21, 2013

Health provider compliance officers may soon have another cause for busy days and sleepless nights.  CMS recently issued a proposed rule that, if finalized, would revise its little-used Medicare Incentive Reward Program (IRP).   Under the current IRP, an individual may recover up to $1,000 for providing information that leads to the recovery of Medicare funds from individuals and entities that have engaged in fraudulent Medicare activities.  The proposed rule both significantly increases the potential reward and simplifies the process that an informant must follow.   It also expands CMS’s ability to deny Medicare enrollment to providers who have unpaid Medicare debts.

Since the current IRP was put into effect in July 1998, CMS has collected less than $3.5 million, and only 18 rewards totaling less than $16,000 have been paid.  In contrast, a reward program under the Internal Revenue Code has caused the IRS to collect almost $1.6 billion (from 2007 to 2012) for which it paid rewards to informants totaling approximately $193 million.

Understandably, CMS believes that remodeling its IRP after the IRS program will encourage many more individuals to report Medicare fraud and increase returns to the Medicare fund.

Under the proposed IRP an informant could receive up to $10 million for reporting specific information that leads to the recoupment of an overpayment made by Medicare to a supplier or provider.  The reward for information received on or after the effective date of the rule would be “15 percent of the final amounts collected applied to the first $66,000,000 for the sanctionable conduct.”

In order to qualify for a reward, an individual need not go the effort of commencing a qui tam action, as required under the False Claims Act.  Rather, the informant need only provide specific information to OIG, CMS, or a CMS contractor relating to an individual or entity that has engaged in or is engaging in sanctionable fraud and abuse against the Medicare program and specifying the particular time period.

There are some limitations on the reward system.  For example, CMS will not give a reward if the same or substantially similar information was the basis for payment of a reward under any other federal reward program.  An informant who participated in the sanctionable conduct is ineligible. Before the informant may collect the reward, he or she must complete an attestation acknowledging that he or she has not participated in the conduct, is not otherwise ineligible to receive the reward, has furnished truthful information, and further acknowledging that failure to provide truthful information can subject the informant to potential criminal and civil liability.

The proposed rule also imposes broader Medicare enrollment requirements for providers who have existing unpaid Medicare debt.  Under the current rule, an owner, physician, or nonphysician practitioner may be denied Medicare enrollment under a new name or entity if he or she has a Medicare debt.  However, if the practitioner was an owner of another entity that had a Medicare debt, the practitioner could not be denied Medicare enrollment because the entity had  a Medicare debt.  Under the proposed rule, if the provider seeking enrollment was the owner of another provider or supplier that had a Medicare debt that existed when the latter’s enrollment was voluntarily or involuntarily terminated or revoked, Medicare enrollment may be denied if certain criteria are met.

Comments on CMS’s proposed rule must be received by June 28, 2013. 

Who Decides Who Visits a Hospital Patient?

Posted by Laurie K. Chisolm on May 07, 2013

Under federal regulations, a hospital patient has the right to determine who can visit during the hospital stay.  Hospitals may not prevent “non-traditional” family members or any others from visiting a patient who wishes to see the person unless there is a clinical reason for doing so.

When the patient is incapacitated and unable to identify desired visitors, the regulations provide that a “support person” has the right to decide who may visit.  One might think this means that a health care agent or proxy determines who may visit.  Think again.

In commentary to the regulations, The Centers for Medicare and Medicaid Services (CMS) explained that it adopted the term “support person” to distinguish it from a “personal representative.”  CMS stated: 

[f]or purposes of exercising visitation rights, we do not believe that the individual exercising the patient’s visitation rights needs to be the same individual who is legally responsible for making medical decisions on the patient’s behalf, though it is certainly possible for both roles to be filled by the same person….A support person could be a family member, or other individual who is there to support the patient during the course of the stay.

Thus, a health care agent does not automatically have the right to make visitation decisions for the incapacitated patient.  In a dispute between a visitor and a health care agent who instructs the hospital to prevent the visitation, the hospital may find itself embroiled in a conflict that it would prefer to avoid.

Having written policies and procedures regarding patient visitation rights should help resolve this issue.  In fact, a visitation policy is required as a Condition of Participation in Medicare.  Under the federal regulations, the policy must:

  • Inform the patient or support person of the visitation rights, including any clinical restriction,
  • Inform the patient or support person of the right, subject to his or her consent, to receive the visitors whom he or she designates, and his or her right to withdraw or deny such consent at any time,
  • Not restrict, limit, or otherwise deny visitation privileges on the basis of race, color, national origin, religion, sex, gender identity, sexual orientation, or disability (note, age is not included and in similar fashion, New York regulations authorize a hospital patient to determine which family members and other adults may visit),
  • Ensure that all visitors enjoy full and equal visitation privileges.

A hospital should also consider including the following elements in its policy and procedure:

  • Upon admission, specifically ask the patient to identify (a) permitted visitors and (b) a “support person” who can make visitation decisions in the event the patient becomes incapacitated.
  • Establish a procedure to assist in identifying the “support person”  in the event an incapacitated patient is admitted. 
  • Establish a dispute resolution process.

Revise Your Notice of Privacy Practices By September 23, 2013

Posted by Linda Terner on April 23, 2013

Doctor patientPatient-focused health care providers understand that privacy is important to patients.  Providing patients with an explanation of their health information privacy rights has been a standard part of provider office procedures when patients present for medical care since HIPAA was enacted.  If  patients are being handed a Notice of Privacy Practices (NPP) dated before the January 17, 2013, Final Rule was issued, or if the website publishes an old form, providers have until September 23, 2013, to revise and distribute it. The Final Rule applies to “covered entities” -- you know who you are!

The new HIPAA regulations explain the details required to be part of the NPP  (even down to capitalized headers), and must be consulted to ensure that a compliant NPP is developed and publicized. An overview of the change process provides a roadmap for providers undertaking this task.  NPPs must be made more “user friendly” and include additional descriptions of patient’s rights concerning their Protected Health Information (PHI). 

What happens if the NPP is not revised?

  • Covered entities may be exposed to patient complaints, governmental investigations, and civil and criminal penalties. 

What new information needs to be added to the NPP?

  • Authorized uses under HIPAA; examples.  A description of how information may be used without patient authorization, and at least one example of what is meant by treatment, payment, and healthcare operations (e.g., “for example…”).
  • Provider’s intentions.  Disclosure if PHI will be used to give appointment reminders, provide alternative treatment information, disclose to plan sponsor, or for fundraising.
  • How patients can obtain access to PHI. Right to inspect records and obtain paper copy of electronic PHI.
  • Where patient authorization is needed. List must include psychotherapy notes, marketing, subsidized treatment communications, sale, and certain other uses.
  • How patients may pro-actively restrict disclosure. Specific written request; may not be honored with regard to health insurer unless services completely paid out-of-pocket.
  • Opting out of fundraising. Inform patients of right to opt out of each solicitation.
  • Accounting to patients for disclosure.
  • How patients may complain about privacy violation.  How to file a complaint; non-retaliation.
  • Breach notification.  Statement covered entity is required to notify patient of each breach.
  • List of provider duties. Include contact for privacy office.
  • Health plans only. Provide notice genetic information may not be used for underwriting, with exceptions for some long-term care policies. 

What must be done after the NPP is revised?

  • Make available.  Copy to new patients; available to existing patients; NPP or notice of material change in next mailing of health insurer.
  • Post.  On website, in office (or post summary with full NPP available).
  • Keep records.  Keep copies of prior versions of NPPs and written patient acknowledgements of receipt.

This is a only a roadmap of the major highways, but the path is clear. With reasonable effort and attention to detail, enhanced patient communication concerning privacy can be implemented as required.

Just Do It: Encrypt Portable Electronic Media Devices

Posted by Linda Terner on April 16, 2013

laptop

Last fall, after a HIPAA violation settlement of $1.5 Million for the loss of an unencrypted laptop, healthcare providers and their vendors were on notice of severe consequences for loss of portable devices containing patient data (“protected health information” or "PHI").  Under the new HIPAA “megarule” issued in January, the previous “harm” standard is replaced by a presumption that any disclosure requires breach notification unless low risk of data compromise can be documented, so it may now be “game over” with regard to the encryption decision; in most cases, mobile devices simply must be encrypted.   Modern-day thieves have discovered that the personal information on stolen devices is far more valuable than the device itself.  Passwords can easily be circumvented, as noted in the popular press, but encryption works well (see, e.g., “The Case of the Stolen Laptop: How to Encrypt, and Why”).    

The risk-reward calculus is simple: the cost of encryption is relatively low, the probability of employees losing mobile electronics devices is extremely high, and now the probability of breach notification being required is almost certain.  The most obvious way to prevent breach of HIPAA information privacy, and the most direct way to eliminate the necessity of breach notification, is to be able to demonstrate a low probability that PHI has been compromised--by encrypting laptops, flash drives, phones, netbooks, tablets, iPads, and all other mobile electronic devices.

The federal government has posted a brochure entitled “Managing Mobile Devices in Your Health Care Organization,” describing standard compliance procedures to be followed, such as assessing and documenting the risk, implementing procedures and policies, and training personnel.  Each organization should tailor its program to its particular situation.  However, when all is said and done, if the organization does not encrypt its mobile electronic devices and does not require that personnel using their own devices do likewise, then breach notification, audits and fines are on the horizon, unless the organization has devised security arrangements equivalent to encryption.

The CMS commentary to the HIPAA megarule addresses the lost laptop situation, noting that the provider may be able to show no unauthorized access: 

If a laptop computer was stolen and later recovered and a forensic analysis shows that the protected health information on the computer was never accessed, viewed, acquired, transferred, or otherwise compromised, the entity could determine that the information was not actually acquired by an unauthorized individual even though the opportunity existed.  78 Fed. Reg. 5643 (January 25, 2013).

CMS also noted that in cases where the information was not accessed, subsequent to a loss/theft, the provider’s documented risk assessment could conclude that there was a low risk that the “information had been compromised” (the megarule’s new formulation of harm), but “if a computer is lost or stolen, we do not consider it reasonable to delay breach notification based on the hope that the computer will be recovered.”  This statement is very clear.  Unless two things happen--the lost/stolen device is recovered immediately, and forensic analysis shows no access-- breach notification will now be required unless the device was encrypted.  The same rules apply to “business associates”--any vendor who provides services to health care providers that involve creating, receiving, maintaining, or transmitting PHI.  The health care industry as a whole would be well-advised, in most cases, to undertake encryption of mobile devices.  Susan McAndrew, Deputy Director of Health Information Privacy for the Office of Civil Rights, captured this by the phrase "encryption, encryption" (presentation to American Health Lawyers Association, February 25, 2013).  A useful sample policy might be the Yale University HIPAA Security Policy and Guidelines on Smartphones.

New York Labor Law Amendments Broaden Scope of Wage Deductions

Posted by Brian M. Culnan on November 20, 2012

On September 8, 2012, New York Governor Andrew Cuomo signed into law a bill that expands the scope of permissible deductions from an employee’s wages.  The law, which became effective on November 6, 2012, amends Labor Law § 193.  While permitting New York employers to make a wider range of payroll deductions than had been previously set forth in § 193, the statutory amendment also imposes several new deduction-related requirements on those same employers.

By way of background, under Labor Law § 193, an employer could make deductions from wages earned by an employee “for the benefit of the employee.”  Permissible deductions were limited to those that:  (1) are required by law or by governmental administrative rule or regulation; or (2) “are expressly authorized in writing by the employee and are for the benefit of the employee; provided that [the] authorization is kept on file on the employer’s premises.”  With employee authorization, employers were permitted to deduct from an employee’s earned wages “payments for insurance premiums, pension or health and welfare benefits; contributions to charitable organizations; payments for United States Bonds; payments for dues or assessments to a labor organization; and similar payments for the benefit of the employee.”  Labor Law § 193(1)(b).

In recent years, the New York State Department of Labor (DOL) significantly narrowed its interpretation of § 193.  Generally speaking, DOL took the position that a wage deduction was not permissible unless it was very “similar” to those expressly recognized in the statute as lawful.  This interpretation differed from DOL’s historical focus on whether the deduction was being made for the “benefit of the employee.”

The result was that DOL interpreted the following deductions to be impermissible under § 193, even with the employee’s voluntary agreement and written authorization: overpayments; salary advances; repayment of loans, advances or debts; recovery of employment-related expenses; recovery for spoilage or breakage; purchases made from employers or employer-sponsored stores, cafeterias, and similar establishments; or cash register shortages.

The new legislation is an obvious reaction to the Department’s narrow recent construction.  As a result, effective November 7, deductions may be made for a variety of new items, which include the following:

  • wage overpayments and advances;
  • prepaid legal plans;
  • purchases made at events sponsored by a charitable organization affiliated with the employer where at least 20 percent of the profits from such event are being contributed to a charitable organization;
  • discounted parking or discounted passes, tokens, fare cards, vouchers, or other items that entitle the employee to use mass transit;
  • fitness center, health club, and/or gym membership dues;
  • cafeteria and vending machine purchases made at the employer’s place of business and purchases made at gift shops operated by the employer, where the employer is a hospital, college or university;
  • pharmacy purchases made at the employer’s place of business;
  • tuition, room, board, and fees for pre-school, nursery, primary, secondary, and/or post-secondary educational institutions;
  • day care, before-school and after-school care expenses; and
  • payments for housing provided at no more than market rates by non-profit hospitals or affiliates thereof.

Importantly, the amendment will also permit employers to recover inadvertent wage overpayments and wage advances by payroll deductions under certain circumstances and subject to future DOL rulemaking.  These forthcoming rules must include provisions governing the terms and conditions under which employers may make deductions for wage overpayments and advances, and must also include provisions relating to employee notice and dispute resolution procedures.

As is the case with current § 193, deductions are permitted only if expressly authorized in writing by the employee, and must be for the benefit of the employee.  The employer must retain each authorization for at least six years following termination of employment.  The amendment also requires that:  (1) before any deduction is made, the employer must provide the employee with written notice of all terms and conditions of the payment and/or its benefits, as well as the details of the manner in which deductions will be made; and (2) the employer must provide the employee with information concerning deductions, including a current total of all deductions.  Employees have the right to revoke an authorization at any time, and employers are required to halt further deductions in response to such a revocation.

CMS: Moving From Pay For Quantity Towards Pay For Performance

Posted by Penny Hahn on October 29, 2012

On October 1, 2012, the Centers for Medicare and Medicaid Services (CMS) implemented two long-anticipated programs under the Affordable Care Act of 2010 (ACA): the Hospital Value-Based Purchasing Program (VBP), and the Hospital Readmissions Reduction Program (RRP). 

Hospital Value-Based Purchasing Program

The VBP was initiated by CMS to reward “acute-care hospitals with incentive payments for the quality of care they provide to people with Medicare.”  The program applies to all hospitals, except psychiatric hospitals, rehabilitation hospitals, children’s hospitals, long term care hospitals, and certain cancer and research facilities. The program also excludes hospitals subject to payment reductions under Hospital IQR; hospitals cited for deficiencies during the performance period that pose immediate jeopardy to the health or safety of patients; and hospitals that do not meet minimum requirements of cases, measures, or surveys during the performance period. The program will pay incentives based upon a score weighted 70% on the quality of performance, measured by a set of standard clinical quality measurements (Clinical Process of Care measurements), and 30% on patient experience surveys (Patient Experience of Care dimensions). The hospital’s score will be measured against either achievement or improvement, whichever is higher. The “achievement” calculation measures a hospital against all other hospitals’ baseline period performance scores, while the “improvement” score measures a hospital’s current score against its own baseline period performance score.  Under this program, patient experience is a key component of a hospital’s score, so establishing action plans that will maximize patient experience should be a focus for hospitals wishing to maximize incentive payments under the program.

As of October 1, 2012 (the start of the 2013 Federal fiscal year), hospitals will begin to receive payments under the program based on their performance during the period from July 1, 2011, to March 31, 2012.   Hospitals participating in VBP will have their base operating DRG payments for each patient discharge reduced by a percentage each year, beginning with a 1% reduction for the 2013 fiscal year. However, under VBP, a hospital that meets the performance standards set by CMS will recover a portion of the withheld payments through receipt of the incentive payments, and can even receive funds in excess of the reduction depending on the amount of incentives received.

It is too early to tell what effect the VBP program will have on a hospital’s bottom line, and studies indicate that the program may have little effect at all, but hospitals should pay attention to the guidelines as other commercial reimbursement models may be moving towards this system.  Hospitals with an active MyQualityNet account can review their 2013 Estimated Percentage Payment Summary Report at http://www.qualitynet.org.

Hospital Readmissions Reduction Program

RRP requires CMS to reduce payments to hospitals with excessive readmissions following discharge. Under this program, CMS will withhold up to 1% of a hospital’s base operating DRG payments. The program penalizes hospitals whose rates of Medicare readmissions within thirty days of discharge are higher than the national averages. This program will apply to three measures in the 2013 Federal fiscal year (heart attack, heart failure, and pneumonia) and will expand to include COPD, CABG, PTCA, and certain other vascular conditions in the 2015 Federal fiscal year.

RRP has the potential to impose stiff penalties on hospitals.  The government has announced that two-thirds of the hospitals serving Medicare patients - approximately 2,200 facilities - will be assessed penalties averaging around $125,000 per facility this coming year. The penalties under the program will rise to 3% by 2015.

Hospitals are often helpless to control what happens when a patient leaves the hospital.  To avoid penalties under this program, hospitals will need to increase their focus on discharge planning and work closely with other health care and social service providers to ensure appropriate follow-up care for the patient once they leave the hospital.

HIPAA Compliance for Laptops and Portable Electronic Devices: $1.5 Million Fine After Provider's Stolen Laptop Report Led to Full OCR Investigation

Posted by Linda Terner on October 03, 2012

smartphoneAny healthcare provider using portable electronic devices, such as smartphones, laptops, tablets, personal digital assistants, or thumb drives must comply with HIPAA to protect the confidentiality of electronic protected health information (ePHI), which means adopting and implementing adequate policies and procedures.  The U.S. Department of Health and Human Services, Office of Civil Rights (OCR) delivered a strong message to the provider community on September 17, 2012, when it announced that Massachusetts Eye and Ear Infirmary (Hospital) and its associated physician practice group had agreed to a $1.5 million settlement which included a Resolution Agreement and a Corrective Action Plan

When a Hospital physician’s unencrypted laptop was stolen on vacation, the Hospital self-reported the security incident.  The OCR proceeded to review the Hospital's entire HIPAA compliance program.  According to the Hospital’s press release, there was no patient harm discovered in the subsequent OCR investigation.

The OCR complained that since the HIPAA Security Rule compliance date of March 8, 2010, the Hospital had failed to act appropriately with regard to portable electronic devices, and pointed to the need to:

  • Restrict access to ePHI from unauthorized users/unauthorized portable devices, and be able to trace access;
  • Track movement of both Hospital-owned and personally owned portable devices containing ePHI both on and off its premises; and
  • Implement encryption or appropriate alternatives to encryption.

As part of the settlement, the Hospital agreed to adopt and distribute policies and procedures governing both workstations and portable devices accessing ePHI, and to implement these through training, monitoring, and reporting on workforce non-compliance.

A list of the minimum content of the policies and procedures was set forth in the Corrective Action Plan.  This list effectively provides a high-level framework for every healthcare provider to use in reviewing and updating its own compliance arrangements.  Among the OCR requirements were that the Hospital implement mechanisms to encrypt and decrypt portable devices so that only authorized persons could access the devices. The Hospital must also track the movement of hardware and electronic media, and implement other administrative, physical, and technical safeguards to protect the confidentiality and security of its ePHI, as well as institute sanctions for non-compliance.

Other information security aspects of such an electronic device policy are illustrated in a recently published “Mobile Device Policy” template, including changing passwords, timeouts, encryption of wireless transmissions, anti-virus software, prohibitions on storage of non-encrypted information, and IT department approval of applications, services, and configuration of bluetooth and infrared services.

Shaking Up Pharmaceutical Marketing to Physicians: $3Billion Settlement Imposed Standards and Transparency Far Beyond Sunshine Act

Posted by Linda Terner on August 29, 2012

sunsetWhile the headlines reported colorful allegations of kickbacks to physicians, such as Hawaiian vacations and Madonna tickets, and the stunning magnitude of the largest healthcare fraud settlement and payment by a drug company , the most significant aspect of the $3 Billion settlement by global pharmaceutical giant GlaxoSmithKline LLC (GSK) was the Corporate Integrity Agreement  (CIA), which restructures its sales and promotion practices.  The alleged misconduct involved “off-label” drug promotions (recommendations to use medicines for different conditions and patients than the FDA approved), payment of kickbacks, making false and misleading statements concerning the safety of Avandia, and reporting false “best prices” in order to underpay rebates owed under the Medicaid Drug Rebate Program.

With the theme “patients before profits, science before sales” the government set about to restructure GSK’s marketing practices in significant ways.  In addition to changing its incentive compensation practices, such that executive bonuses are now required to be clawed back for regulatory compliance failures, and field representative compensation must be based on service quality rather than sales volume, the 123-page CIA outlines a major overhaul of GSK’s physician arrangements policies and procedures.

Physicians and hospitals/academic medical centers may obtain remuneration from drug companies under any number of arrangements, including consulting agreements, speaker programs, service on advisory boards, research, publication activities, and grants for medical education activities.  Concern that these payments may undermine medical judgment or scientific independence led Congress to adopt the “Physician Payments Sunshine Act” reporting requirements, which go into effect on  January 1, 2013.  CMS blogged that the final rule will come later this year.  In the meantime, however, the CIA goes far beyond requiring the transparency of monetary payments. It requires that each type of physician relationship involving compensation be conducted in such a manner as to promote compliance with federal standards.

Physicians should see the following changes, among others, in their relationships with GSK and possibly with other companies that read the CIA as “a word to the wise” and adopt similar compliance practices voluntarily:

  • Physicians will receive a letter from GSK describing the allegations, the settlement, and requesting that physicians report inappropriate promotion of products or other questionable conduct;
  • Any requests by physicians for information on “off-label” uses of drugs will be required to be put in writing, confirming what information was requested, whether or not the request was unsolicited, signed by the medical professional, referred to the Medical Affairs Department, and all such requests for information will be tracked internally at GSK;
  • Drug company sales and field reps may be accompanied by monitors who will observe their meetings with health care providers and assess the promotional materials distributed;
  • Speakers at programs will be required to have compliance training and written agreements describing the scope of the work, speaker fees to be paid (fair market value with annual caps), compliance obligations. In addition, their programs will be monitored and their fees reported on the GSX website;
  • Samples, coupons, and vouchers for drugs will be distributed only to the medical specialty or types of clinical practices for which the drug’s use has been approved;
  • Researchers will have written agreements describing the scope of clinical research or other work, fees based on a pre-set rate structure, and compliance obligations;
  • Physicians who sit on drug formulary boards or who develop clinical guidelines will be required to disclose their financial relationships with GSK; and
  • Sponsorship or funding of grants to healthcare-related organizations in support of educational programs will be limited. The programs must be non-promotional and accurate in nature, and financial relationships with teaching faculty will be disclosed,.

It is important that the health care provider community as well as drug and medical device manufacturers read this CIA in order to have a clear understanding of what the Office of the Inspector General and the FDA expect.  Both business practices and compliance programs may need to be modified or enhanced to address financial incentives related to promotional and scientific activities that could compromise high quality patient care.  Transparency of financial arrangements is useful to raise the question of whether benefits have influenced physician judgment, but this CIA seeks to reform the underlying industry marketing, research, and compensation practices that drive many manufacturers’ arrangements with physicians.

Start Now: Assess/Upgrade Compliance Before December

Posted by Linda Terner on July 13, 2012

checklistNew York’s Office of the Medicaid Inspector General (OMIG) recently issued Compliance Alert 2012-01, which identifies the providers who must present the annual certification of an “effective compliance program” (as that term is defined by regulation) in December, and reminds them of this year-end responsibility. 

Providers of goods and services, either directly to Medicaid or indirectly to Medicaid managed care organizations, who have submitted claims of at least $500,000 in any twelve-month period should review the regulations carefully to determine if they are required to make a certification. 

If certification of an "effective compliance program" is required, it is now time to evaluate (and improve) the provider's compliance program.   OMIG has provided a basic self-assessment tool to aid in that process. The assessment takes only a short time to complete and is worth doing sooner rather than later. By doing so, the compliance program can be upgraded if needed in order to meet “effective compliance program” standards by December.

Earlier blogs have discussed which providers must certify, and resources for compliance program gap analysis and review.

EEOC's New Focus on Systemic Discrimination Litigation

Posted by Brian M. Culnan on June 29, 2012

Congress requires executive departments, governmental corporations, and independent agencies to develop and post a strategic plan on their public websites every five years.  These plans are supposed to direct the agency’s work and lay the foundation for the development of more detailed annual plans, budgets, and related program performance information.  Earlier this year, the United States Equal Employment Opportunity Commission (EEOC) released its Strategic Plan for 2012-2016.

EEOC listed increasing the number of systemic discrimination lawsuits against employers as a top priority.  Systemic litigation involves an allegation of a pattern or practice of discrimination or class discrimination.  Stated in other words, a case of systemic discrimination involves wrongful conduct that impacts a group of individuals as opposed to a single individual.  It may involve, for example, a preference for younger workers in the hiring process, a glass ceiling preventing women from advancing within an organization, or a sick time policy that results in a failure to accommodate individuals with disabilities.  By pursuing this strategy, EEOC seems to be saying that it is seeking more bang from its litigation buck.

Employers need to be aware that EEOC will likely seek to enlarge the scope of some otherwise single-complaint investigations where the facts that it discovers may support an allegation that systemic discrimination is occurring.  This is particularly the case where an employer’s rule or policy has broad company-wide impact upon more employees than simply the individual who brought the initial charge.