Yesterday DOJ announced its first settlement under the Department’s new “Cyber-Fraud Initiative.”  This initiative, announced in October 2021, aims to “utilize the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients.”  However, as discussed further here, in addition to targeting traditional government contractors, the initiative presents broader opportunities for DOJ to use the FCA to address data protection practices by healthcare providers.

The healthcare industry is consistently the recipient of disproportionate oversight under the FCA, and thus it is perhaps no surprise that DOJ’s first settlement under the Cyber-Fraud Initiative was with a healthcare provider.  As announced here, a healthcare provider furnishing medical services on air force bases paid $930,000 to resolve allegations that it “violated the False Claims Act by falsely representing to the State Department and the Air Force that it complied with contract requirements relating to the provision of medical services.”  The settlement also resolved allegations relating to controlled substances. (more…)