Health Care


For more than two decades Wiley Rein attorneys have represented entities seeking to contract (or that have contracted) with federal and state governments to provide services in connection with a government health care program, like Medicare, or needing guidance on statutory and regulatory requirements impacting commercial and/or government health care programs, such as the  Affordable Care Act (ACA), HIPAA/HITECH and the Medicare Secondary Payer statute.

Our engagements have spanned the health care continuum—from emerging health care issues and programs to legal and operational obligations that over time have become the expectations of regulators, beneficiaries/members, and indeed the health care industry. These varied engagements have included the following: 

  • Regulatory counseling under federal laws, such as the Telephone Consumer Protection Act (TCPA), that have application to communication modalities now used routinely by health plans and providers (e.g., text messaging and auto dialing).
  • Representation in contract disputes under the ACA related to the establishment of health insurance exchanges.
  • Negotiation and drafting of multi-billion dollar pharmacy benefit manager (PBM) contracts to support both commercial and federal health care programs.
  • Assessment of heightened risks for health care contractors under the False Claims Act (FCA) in the wake of the Supreme Court’s decision in Universal Health Services v. United Sates ex rel. Escobar adopting an implied certification theory of FCA liability.
  • Representation in matters of health care procurement, including bid protests, and contract administration.
  • Regulatory counseling under HIPAA/HITECH addressing security and privacy compliance issues; assessment of Security Incidents and Breaches and development of mitigation plans; and assessment of pre-contracting risks and performance of post-contracting audits of Business Associates.

Our clients are diverse. Many are contractors, including managed care organizations and administrative service companies, under Medicare, Medicaid, the Federal Employees Health Benefits (FEHB) Program and the U.S. Department of Defense (DOD) TRICARE program. As Washington lawyers who have served as regulators, in-house counsel for national and regional health care organizations, and health care executives, we offer an uncommon depth and breadth of experience and understanding of the myriad laws and regulations governing these programs.


Doing business with the federal government requires reliance on a highly specialized set of legal skills—particularly in light of the current emphasis on oversight, compliance and “mandatory disclosure” of wrongdoing. We counsel companies of varying sizes and sectors of the health care industry on how best to do business with the government, providing advice on recent changes to laws and regulations, legislative bills and regulatory rules still under consideration with opportunities to weigh in, and the practical effects of such changes or potential changes on their businesses.  With our clients we look ahead to new opportunities in regulated markets, like in the emerging area of connected health care devices and mobile health (mHealth) apps/Internet of Things (IoT).

For example, we handle the full spectrum of matters relating to the procurement of health care benefits and services—from the solicitation of requests for proposals, to the defense or protest of contract awards before agencies, the U.S. Government Accountability Office (GAO), and the U.S. Court of Federal Claims to the handling of disputes involving contract modifications, change orders, requests for equitable adjustments (REAs), and claims and terminations. We provide counsel on the Federal Acquisition Regulation (FAR), other cost rules governing health care contracts, and the growing body of privacy and security rules.  Our lawyers also negotiate and draft agreements with government agencies, first tier and downstream entities, and subcontractors and vendors—including pharmacy benefit managers and behavioral health companies—and handle follow-on disputes. With contracts in place, we represent our clients in cost and contractor performance audits and contest audit findings at the administrative level, before Boards of Contract Appeals, and in federal court. We also represent our clients in government surveys and investigations and defend them in false claims investigations and litigation , in other program integrity-related proceedings, and in risk management and compliance counseling.

Our work under the Medicare program has been extensive, and our clients are often at the forefront of Medicare reform.  They are Medicare Administrative Contractors (MACs), program integrity contractors, and Medicare Advantage and Medicare Part D plans. 

♦    MACs (Medicare Administrative Contractors) and Program Integrity Contractors

Our work with Medicare contractors goes back almost three decades to the 1990s, when we represented Medicare fiscal intermediaries (FIs) and carriers in contract matters (including cost audits and contractor performance reviews) and in false claims investigations and related litigation.  In 2006, many of our clients began transitioning from FIs and carriers to MACs when the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 instituted contracting reform and introduced contractors to competitive bid procurements, bid protests, and daily life under a full set of Federal Acquisition Regulation (FAR) clauses.  Like their predecessor contractors, MACs process and pay Medicare provider and supplier claims for services they render to Medicare beneficiaries in the states within their MAC “jurisdictions.”  

Joining with colleagues in the firm’s Government Contracts Practice, we successfully defended the first MAC contract award to a Medicare contractor (for Durable Medical Equipment Jurisdiction D) in a 2006 bid protest before the GAO. Since that time we have both brought and defended numerous protests on behalf of our MAC clients, and few, if any, law firms can boast equal experience.   

As outlined above, we provide the full panoply of procurement counsel to our MAC and MIP contractor clients and routinely advise on contract administration matters.  Engagements have included:

  • Advising on procurement opportunities and related legal and business risks 
  • Providing counsel during agency cost audits and performance reviews and follow-on corrective action plans
  • Mediating subcontractor disputes
  • Providing guidance on subcontractor versus vendor classifications and drafting contracts for both  
  • Counseling on cost allowability issues, including pension and termination costs, and accounting practice changes
  • Advising on Service Contract Act issues
  • Successfully defeating provider suits by establishing MAC contractor immunity; responding to provider subpoenas
  • Conducting compliance reviews and internal investigations and enhancing existing compliance programs
  • Successfully defending more than a dozen false claims cases and providing counsel in fraud investigations
  • Counseling on IT, privacy and security matters
  • Advising on IP/data rights issues
  • Serving as counsel in MAC business restructures and transactions, including the sale of MAC assets and novations

♦    Medicare Advantage and Medicare Part D Plans

We provide counsel to those entities that serve as Medicare Advantage (MA), MA-Part D or Part D plan sponsors on the full range of regulatory and operational requirements attendant to these programs. We also work with these plans, and with other entities seeking to provide ancillary services in the MA or Part D market, on regulatory and contractual requirements for first tier and downstream contractors.   

♦    Medicare Secondary Payer Obligations and “Section 111” Reporting

We have assembled a multi-disciplinary team of experienced attorneys from our Health Care and Insurance practices to address complex issues arising under the Medicare Secondary Payer (MSP) statute and related federal reporting and reimbursement requirements.

Our clients in the MSP arena are both health insurers and casualty insurers and depending upon their business, they may be primary or secondary payers in the Medicare Program. Our work for them has been quite varied. In one engagement for a commercial health plan, we provided counsel in connection with an internal review that identified the client’s mistaken payment of claims as the secondary, not primary, payer. We guided the client through their voluntary disclosure of the underpayments to the Centers for Medicare & Medicaid Services (CMS).

We also routinely provide counsel to insurers with Medicare reporting and reimbursement obligations. These obligations are borne by two categories of insurers—group health plans and non-group health plans, the latter being comprised of liability insurers (including self-insured entities), no-fault carriers, and workers’ compensation plans. Their reporting requirements spring from Section 111 of the Medicare, Medicaid and SCHIP Extension Act of 2007 (MMSEA), as well as long-standing but often overlooked insurer obligations under the MSP statute to reimburse Medicare for its prior “conditional payment” of medical expenses of Medicare beneficiaries. For years, non-group health plan insurers had to rely on informal guidance from the CMS to divine their reporting and reimbursement obligations. In 2015, CMS issued a rule under the SMART Act, which offers these insurers some, albeit limited, assistance in identifying the amounts they may owe CMS before they settle claims alleging bodily injury or emotional harm.  That reimbursement debt also may be owed to Medicare Advantage plans, which, in some federal districts, may sue non-group health plans for their unreimbursed Medicare beneficiary payments.  Federal legislation is pending that would clarify that Medicare Part D plans also are secondary payers with reimbursement rights similar to Medicare Advantage plans.

We assist our insurer clients in understanding their MSP obligations and Section 111 reporting requirements, in implementing effective compliance programs, and in structuring settlement terms.  Our Section 111 team routinely covers CMS’s Section 111 Town Hall Teleconferences and publishes periodic Section 111 Bulletins addressing notable Town Hall discussions and other Section 111 developments. You may access our Section 111 Insurer Reporting and MSP Obligations specialty practice webpage, and read the Section 111 Bulletins and articles we have published here.

We have broad Medicaid procurement and contracting experience for managed care companies. We have negotiated contracts between managed care plans and state Medicaid departments, and between health plans and a host of ancillary service vendors such as pharmacy benefit managers, disease management companies and behavioral health companies. Our lawyers also have counseled our clients on maintaining contract and program compliance. We have worked on a wide range of matters and issues addressing:

  • Contract negotiation with state agencies
  • Bid protests and related litigation
  • Network development and provider contracting on behalf of health plans
  • Procurement of pharmacy benefits and related management services
  • Compliance with state and federal privacy and security laws
  • Corporate reorganizations, mergers and asset sales
  • Internal investigations
  • Government investigations

Federal Employees Health Benefits Program
For more than 25 years, we have served as outside counsel to a major carrier association participating in the FEHB Program through its member plans. In that capacity, we have participated in contract negotiations between the association and the U.S. Office of Personnel Management (OPM), as well as with subcontractors, and in the drafting of the benefits brochure. We have provided counsel on day-to-day contract compliance issues. We also represent this association in its contract negotiations with retail, mail, and specialty pharmacy benefit management vendors and in related pharmacy benefits matters arising under those contracts. For individual member plans, we have assisted with their defense of OPM audit findings and counseled on the FAR mandatory disclosure rule. Finally, we have assisted community-rated plans with entry into the FEHB Program, with preparation of benefit package proposals and annual rate submissions, and with rate reconciliation matters. More specifically, we have provided advice on regulatory and legislative issues under the FEHB Program that have addressed:

  • Cost principles under the Federal Acquisition Regulation (FAR) Part 31
  • Subcontracting obligations under the FAR
  • Pharmacy benefits
  • Member benefit design
  • OPM cost report audits
  • Coordination of benefits and subrogation
  • Affiliate transactions
  • Vendor agreements and joint ventures
  • Compliance with the state and federal privacy and security laws
  • Patients’ Bill of Rights
  • Denial of benefits and related litigation
  • Allegations of PBM false claims and fraudulent conduct

In addition, on behalf of our FEHB Program clients, we have successfully appealed final OPM audit decisions to the Armed Services Board of Contracts Appeal that raised issues of unallowable costs, defective pricing, defective community rating, improper loadings, lost investment income, and federal subcontracting obligations.

Our lawyers have provided counseling and litigation services to TRICARE contractors (and prospective contractors) on pre-award, bid protest, and procurement issues. We also have a well-established practice assisting TRICARE contractors after contract award. Given the government’s historic propensity to modify contracts, either constructively or through change orders that fail to include adequate financial adjustments, we have developed an active practice representing clients in the preparation and negotiation of requests for equitable adjustments (REA) and claims against the government.


Health care fraud enforcement continues to be a principal area of our Health Care Practice and a perennial top priority of the U.S. Department of Justice (DOJ), other federal and state law enforcement organizations, and federal and state health care agencies. Coupled with this priority status is an enhanced set of government resources and new enforcement tools, such as an amended False Claims Act (FCA) recently reinvigorated by Supreme Court decisions on reverse false claims and implied false certifications; the federal crime of health care fraud; asset forfeiture remedies; and stricter civil, criminal, and administrative penalties. Our Health Care team is well versed in these resources and tools as a number of our partners gained valuable fraud enforcement experience serving in key positions in the government. That experience includes investigation and prosecution of major health care fraud cases on behalf of U.S. Attorneys’ offices, investigation and litigation on behalf of the Virginia Attorney General’s office against companies violating the state’s consumer fraud statutes and regulations, service on the DOJ's Health Care Fraud Working Group, and review of model compliance programs. Those experiences offer our clients an important perspective when they must defend fraud cases or conduct internal investigations.

Our multi-disciplinary team of health care and white collar attorneys has defended more than 75 for-profit and not-for-profit health care entities in civil and criminal suits under the False Claims Act and Racketeer Influenced and Corrupt Organizations (RICO) Act, and in administrative fraud proceedings. Our collective experience includes:

  • The successful defense of Medicare contractors (fiscal intermediaries, carriers and Medicare Administrative Contractors (MACs)) in more than a dozen false claims investigations and qui tam suits, which we either resolved before litigation ensued or the government intervened:  one engagement, a parallel criminal and civil investigation, involved allegations of intentional provider overpayments and the submission of false cost reports and certifications to CMS to hide those payments, another, defended allegations of fraudulent reporting of contractor performance under Medicare secondary payer regulations.
  • The dismissal of a $30 million FCA suit filed by relators (former inspector general auditors) against a major carrier/underwriter of group health benefits for the FEHB Program.
  • The dismissal of a $100 million class-action suit against a FEHB Program contractor that alleged violations of RICO founded upon the secret setting of provider discounts not factored into the calculation of coinsurance amounts.
  • The successful defense of numerous other health care entities in fraud investigations and suits under government health care programs, including: hospital systems, physician groups, pharmaceutical manufacturers and their representatives, medical device manufacturers and their representatives, durable medical equipment manufacturers and suppliers, academic medical institutions, labs, and ambulance companies.

In these representations we have advised and guided our clients through issues pertaining to debarment and exclusion, the liability of individual corporate actors following the issuance of the Department of Justice Yates Memo, the negotiation of corporate integrity agreements (CIAs), and the defense of agency findings of material weaknesses and deficiencies, as well as contract terminations, transfers, and novations. In conjunction with the global settlement of one false claims investigation, we negotiated the first CIA for the former Medicare+Choice (now Medicare Advantage) program.

We also have significant experience representing clients in congressional investigations and hearings:

  • We navigated the lead developer of through multiple congressional and government investigations into the troubled roll-out of the health care insurance exchange system, shifting the focus of federal investigators from blaming the contractor to finding fault with government mismanagement of the project.
  • We represented a developer of a state health insurance exchange in meetings with members of the Senate Finance and Judiciary Committees, the House Energy and Commerce Committee and House Oversight and Government Reform Subcommittees investigating failed state health exchanges.
  • We represented a foreign drug manufacturer in a House Energy and Commerce Committee investigation into FDA approvals of sales by foreign drug companies.

And we have deep experience representing health insurers that have been defrauded by health care providers. In this regard, we have worked closely with law enforcement officials around the country on joint investigations and are able to provide unique insight into the government’s enforcement activity in terms of how they work and where their priorities lie. Our anti-fraud-related matters have included:

  • Representation of groups of health insurers in national RICO, ERISA, and state-law-based insurance fraud suits and investigations involving health care fraud by psychiatric hospitals, home care providers, rehabilitation hospitals, clinical laboratories, dialysis companies, and dental groups.
  • Representation of property and casualty insurers in RICO and fraud litigation against chiropractic clinics, medical mills, and personal injury attorneys.
  • Representation of insurers in smaller cases involving fraudulent activities by individual physicians and insureds.
  • Representation of insurer victims in criminal RICO cases.
  • Defense of malicious prosecution, defamation, and invasion of privacy suits around the country.
  • Evaluation of national RICO suits against various health care providers, attorneys, and other insurance claimants.
  • Filing of amicus curiae briefs before the Supreme Court, lower federal courts and state supreme courts on restitution, waiver of copayment, victim participation, and other fraud-related issues.

We have drawn upon all of these experiences in leading compliance reviews and audits at numerous health care companies in which we often have implemented or updated compliance programs and designed interactive compliance training modules for company employees. We tailor compliance programs to the specific operations and business culture of the client to facilitate its becoming an integral part of each employee’s day. We also have assisted our clients with internal investigations into allegations of fraud or wrongdoing and have helped them successfully navigate the intricacies of mandatory and voluntary self-disclosures.


Our representation of health care entities extends to providing counsel and advice on a wide array of statutory, regulatory, and general compliance issues affecting commercial health care products.  In this regard we have:

  • Represented health care companies in regulatory matters arising under state law (including preparing licensure applications and providing representation in regulatory audits).
  • Provided counsel on the application of federal law and regulation, including the Employee Retirement Income Security Act (ERISA) (e.g., concerning access and portability issues arising under Title I) and corresponding U.S. Department of Labor regulations.
  • Developed and negotiated administrative service organization (ASO) contracts, full and partial risk contracts for commercial products, and contracts for pharmacy benefit management services.
  • Provided extensive analyses of state laws and pending legislation affecting commercial plans, including providing advice regarding the extent to which such laws might be preempted under applicable federal requirements.


We counsel providers, insurers, and other law firms on the regulatory requirements (including reporting, disclosure, and licensure obligations) arising out of corporate reorganizations, mergers and acquisitions, and bankruptcies of health care businesses.  In providing this advice, we often work as a team with our colleagues in the firm’s Corporate Practice, reviewing and drafting agreements and undertaking specific due diligence assignments.  We also provide counsel on related issues addressing successor liability, indemnification, document retention, government reimbursement of related transaction costs, and ongoing provider services and post-transaction cooperation of the parties.


We have a robust HIPAA privacy and security practice and routinely counsel clients on related regulatory and compliance issues and assist with quickly and comprehensively addressing security incidents and breaches. Our team of attorneys is able to provide advice not only on meeting the reporting obligations required under HIPAA, but also in negotiating the landscape of federal and state program obligations and contractual requirements. We have significant experience providing HIPAA, HITECH and cybersecurity counseling to national and regional health insurance companies in connection with commercial, federal, and state health care programs including Medicare, Medicaid, the Federal Employees Health Benefits (FEHB) Program, and the U.S. Department of Defense TRICARE program.

We draft and negotiate agreements to comply with the HIPAA Administrative Simplification Regulations–such as entity-specific privacy and security policies and procedures that combine mandated legal requirements with an entity’s own operational nuances, and Notices of Privacy Practices and Business Associate Agreements for our health care clients (both in their roles as Covered Entities and as Business Associates (e.g., third party administrators)) and for our non-health care clients that provide certain services to health care entities that thereby qualify them as Business Associates.

Because of the growing importance of data sharing in the health care arena for purposes such as quality assessment, data management, and undertaking collaborative relationships with academic researchers and other industry leaders, we routinely counsel clients on how to structure and document such affiliations to meet the requirements of the HIPAA Regulations (including when such endeavors constitute “research” rather than “health care operations” or when PHI rather than a limited data set or de-identified data can be exchanged).

Our attorneys also regularly assist clients in undertaking risks assessments to determine whether an action constitutes a “Breach” within the meaning of HIPAA, in developing communications required to report such Breaches, and in negotiating resolutions with regulators. We have provided counseling on localized Breaches involving only internal misuses of PHI to breaches perpetrated by external actors and involving thousands of members. In sum, Wiley Rein is the “go-to” firm for assisting our health care clients in the identification, documentation, notification, and mitigation of privacy and security breaches.

In addition to projects for clients, we have been at the forefront of the effort to educate the health care industry on the evolving compliance challenges associated with this area. We also publish and speak regularly to a wide variety of audiences on privacy issues outside the health care industry. With more than a dozen partners with significant privacy expertise, including both protected health information and consumer financial privacy, we have one of the most complete privacy practices in the country.

Wiley Rein has been nationally ranked as a top-tier firm in the Privacy & Data Security: Healthcare category by Chambers USA (2008-2016). The directory’s sources consistently single out Kirk J. Nahra, the firm’s Privacy chair and a Health Care co-chair, as a top-tier privacy attorney, as “an expert on HIPAA and other health care-related entities governed by privacy laws” who “brings more than just his tremendous knowledge of current data privacy and security law—he also brings practical knowledge of what other health care organizations are doing.” Mr. Nahra also is rated as one of “The Best Lawyers in America” in the area of health care law.

Contact Us

Health Care Practice Co-Chairs:

Kathryn Bucher
202.719.7530 |

Kirk J. Nahra
202.719.7335 |

Dorthula H. Powell-Woodson
202.719.7150 |

Our People

News & Insights

News & Insights