The federal False Claims Act (FCA) represents one of – if not the – top regulatory and liability risk that healthcare providers face when doing business with federal healthcare programs (FHPs) including Medicare and Medicaid. The FCA prohibits, among other things, knowingly submitting false or fraudulent claims to FHPs. Violations of the FCA can result in treble (3x) damages plus penalties of up to $28,619 per claim.
Each year, the DOJ obtains billions of dollars in FCA settlements and judgments, the majority of which are the result of lawsuits filed by private whistleblowers (known as Relators) under the FCA’s qui tam provisions. In fiscal year 2024, for example, the DOJ recovered over $1.6 billion in FCA settlements and judgments from businesses and individuals within the healthcare industry.[i] Approximately 90% of that recovery resulted from qui tam whistleblower lawsuits. That same year, those whistleblowers (and their attorneys) received a combined total $261 million.
The Proliferation of Private Equity in Healthcare
According to a December 2024 article published by Harvard University’s School of Public Health, after seeing potential for massive profits, private equity firms began investing heavily in healthcare in the mid-2000s, “buying up physician practices and health facilities, from hospitals to nursing homes to fertility clinics, looking to at least double their initial investment and then sell within a short term, often three to seven years.”
In 2021, researchers from the University of California Berkley published an article stating that the number of physician practices that were owned by private equity firms had increased from 816 in 2012 to 5,779 in 2021. By early 2024, over 450 U.S. hospitals were owned by private equity firms, which represented 8% of all private hospitals and 22% of all for-profit hospitals. According to a study published in May 2025 by the American Medical Association’s Journal of Ethics, “[v]aluation for private equity acquisitions in health care has grown to over 150 billion dollars since 2020, and expansion continues.”
PE Firms & The Risk of FCA Liability
As private equity firms have learned over the last few years, the promise of massive profits in healthcare brings with it the threat of significant regulatory liability, particularly under the FCA. In February 2024, when then-Principal Deputy Assistant Attorney General Brian Boynton – who at the time oversaw the Department of Justice’s (DOJ) Civil Division – spoke at the Federal Bar Association’s Qui Tam Conference, he emphasized the DOJ’s focus on private equity firms, noting that while private equity firms “can play positive roles in the healthcare industry,” they could also “influence patient care by providing express direction for how a provider should conduct their business, or more indirectly by providing revenue targets or other indirect benchmarks intended to prioritize reimbursement.” Boynton made clear that any investor that “knowingly engages in conduct that causes the submission of false claims” would be subject to FCA liability, particularly where they “undermine medical judgment, inappropriately influence the doctor/patient relationship, and cause the submission of false claims to federal healthcare programs.” Boynton noted that the DOJ had already brought claims against private equity firms, and that they would likely continue to do so.
These are not just hypothetical threats; numerous private equity companies have had to resolve FCA investigations, going back more than five years. In 2019, for example, a compounding pharmacy and its private equity backer agreed to pay over $21 million to resolve allegations that they violated the FCA “through their involvement in a kickback scheme to generate referrals of prescriptions for expensive pain creams, scar creams, and vitamins, regardless of patient need, which were reimbursed by TRICARE, the federal health care program for military members and their families.” The government’s press release noted that the private equity firm that managed the compounding pharmacy on behalf of its investors “allegedly knew of and agreed to the plan to pay outside marketers to generate the prescriptions and financed the kickback payments to the marketers.”
In October 2021, the State of Massachusetts announced that a mental health provider and its private equity backer had agreed to pay $25 million to resolve allegations that it violated Massachusetts’ state version of the FCA by utilizing and employing “unlicensed, unqualified, and unsupervised” staff at its mental health facilities in violation of state regulations.
And in June 2023, a qui tam whistleblower law firm announced that it had entered into a $9 million settlement with a private equity firm that owned mail-order specialty pharmacies. According to the law firm’s press release, the qui tam complaint alleged that the defendants violated the FCA by prescribing and shipping thousands of Subsys prescriptions for “off-label, illegitimate, and non-medically accepted or necessary uses.” In that case, the government intervened (or took over the litigation) and settled against Subsys manufacturer Insys Therapeutics but declined to intervene as to the other defendants, including the private equity firm. As permitted by the FCA, the Relator decided to pursue the case against the non-settling defendants, ultimately resulting in the $9 settlement. In its press release, the law firm noted that “[o]ver the last ten years, there have been a number of settlements with healthcare companies in FCA cases, resulting in more than half-a-billion dollars for allegedly violating the FCA while under private equity ownership. In most instances, however, the private equity firms working behind the scenes were not included in the actions or settlements.”
Importantly, liability for a private equity investor is not necessarily limited to conduct that occurs after the transaction but can also include conduct that occurred prior to the closing, under certain circumstances. In July 2020, in a guidance document discussing another federal law – the Foreign Corrupt Practices Act, the DOJ made its position on the topic clear: “[c]ompanies acquire a host of liabilities when they merge with or acquire another company, including those arising out of contracts, torts, regulations, and statutes. As a general legal matter, when a company merges with or acquires another company, the successor company assumes the predecessor company’s liability.”
Notwithstanding the DOJ’s broad and aggressive interpretation of successor liability, the reality is a bit more nuanced. Various federal courts throughout the country have grappled with whether and when a company acquires the liability of its acquiree, including for purposes of the FCA. In United States ex rel. Jajdelksi v. Kaplan, Inc., for example, the United States District Court for the District of Nevada held that the acquiring company in that case had not acquired the liability of its acquiree. The District Court held that “ordinarily, a corporation which purchases the assets of another corporation does not thereby become liable for the selling corporation’s obligations, unless certain exceptions are satisfied.” The court held that two conditions must generally be met in order for successor liability to take effect: (1) “the successor must have had notice of the claim before the acquisition,” and (2) “there must be substantial continuity in the operation of the business before and after the sale.” The court in Jajdelski held that because the Relator’s complaint did not adequately allege these conditions, it failed to state a claim against the successor company.
Applying the same standard, another district court in Illinois found that the conditions for successor liability were adequately plead. In United States ex rel. Geschrey v. Generations Healthcare, the United States District Court for the Northern District of Illinois cited Jajdelski and applied the same standard discussed above, but held that in the case before it, the Relator’s complaint sufficiently plead the conditions for successor liability.
State Law Enforcement and Liability
In addition to the DOJ and qui tam whistleblower lawyers – who have shown their willingness to bring FCA cases against private equity firms – some states have made it clear that they are also ready to pursue such matters.
In January 2025, for example, Massachusetts Governor Maura Healey signed a bill into law that, among other things, amended the state version of the FCA to include liability for private equity and other investors who fail to disclose known misconduct by an affiliated healthcare provider. That statute – HB 5159 – amends the Massachusetts FCA’s definition of “knowledge” by creating liability for those with an “ownership or investment interest” in an entity that violates the FCA, where the owners/investors know about the violation and fail to disclose it to the proper state authorities within 60 days. The statute’s definition of “ownership and investment interest” is broadly defined to include all types of investment vehicles, including private equity.
Including Massachusetts, 34 states and the District of Columbia have some version of a false claims act, and several cities – including New York City, Chicago, and Philadelphia – also have their own false claims act. While these FCAs might not specifically address private equity liability, they are generally drafted broadly enough to allow for private equity liability, at least under certain circumstances.
What Can Private Equity Firms Do To Mitigate Risk?
Thankfully, there are steps that private equity firms and other healthcare investors can take to mitigate the enforcement risk. In October 2023, for example, the DOJ announced the “Mergers & Acquisitions Safe Harbor” Policy, which provides protection to acquiring companies that promptly and voluntarily disclose misconduct within 6 months of a transaction’s closing. The Safe Harbor Policy is “Department-wide,” meaning it applies to all of the DOJ’s enforcement arms, including FCA enforcement. In announcing the policy, then-Deputy Attorney General Lisa Monaco stated that each part of the DOJ would “tailor its application of [the] policy to their specific enforcement regime, and will consider how this policy will be implemented in practice.” In order to avail itself of the policy’s protection, a company must not only disclose within the 6-month time period, but also “engage in timely and appropriate remediation, restitution, and disgorgement.” In announcing the policy, the DOJ warned that “[b]y contrast, if your company does not perform effective due diligence or self-disclose misconduct at an acquired entity, it will be subject to full successor liability for that misconduct under the law.”
In December 2024, the DOJ cited the Mergers & Acquisitions Safe Harbor Policy and declined to prosecute a private equity firm for violations of certain export control laws committed by the acquired entity. Although not an FCA matter, the DOJ’s declination letter provides insight into what factors it considers important in determining whether a private equity company is entitled to protection under the safe harbor policy:
- The acquisition was lawful and bona fide;
- No pre-existing disclosure obligation required the acquiring private equity firm to disclose the misconduct they discovered at the acquiree;
- The disclosure was timely under the circumstances;
- The private equity firm provided and caused its acquiree to provide “exceptional and proactive cooperation”; and
- The private equity firm “timely and appropriately remediated the misconduct in less than one year from the date of its discovery.”
Where the conduct giving rise to FCA liability occurs after the acquisition, the private equity investor faces the potential for FCA liability if it knew about the conduct or acted with deliberate ignorance or reckless disregard. Accordingly, it is essential for private equity firms to take proactive steps to ensure compliance at the acquiree level, including making sure that the acquiree has an effective compliance program and that it understands and follows all applicable statutes and reimbursement rules. It is typically an effective defense for a private equity firm to take the position that it was not responsible for compliance, particularly where the money ultimately flows to the private equity investors.
Conclusion
Billions of dollars have flowed from federal healthcare programs to healthcare providers and suppliers, and then to private equity investors over the last two decades. But, as demonstrated above, with the potential for significant profits comes the risk of significant liability. The FCA is, and will likely remain, one of the most significant of those risks for healthcare investors. When acquiring a healthcare entity, it is essential for private equity investors to conduct adequate due diligence and, where appropriate, work with the acquiree to self-disclose. After the transaction closes, the private equity firm should continue to take a proactive role to ensure that the acquiree complies with all applicable rules and regulations.
__________________
The attorneys at Chilivis Grubman represent businesses and individuals in connection with False Claims Act investigations and litigation. If you need assistance with such a matter, contact us today.