Explore essential legal considerations for healthcare mergers and acquisitions, covering due diligence, regulatory compliance, and structuring agreements, with insights from Cohen Healthcare Law Group.
In the healthcare sector, M&A is a complicated business that calls for detailed planning and careful attentiveness to the regulatory landscape if it’s to have any hope of achieving a successful outcome. This guide tackles the crucial aspects of M&A law that healthcare providers need to be aware of and pay heed to—due diligence, for starters, which is now more vital than ever because of the increased risk of governmental enforcement actions. After that, we move on to the necessity of securing the myriad of required regulatory approvals, a process that constitutes a “deal killer” for many transactions. Finally, we consider various ways that agreements can be structured to keep risks to a minimum while also maximizing the benefits that the transaction is supposed to produce.
It is very important to carry out detailed due diligence during mergers and acquisitions in the healthcare sector, which involves a comprehensive evaluation not just of the target company’s financial situation but also of its legal past and regulatory adherence. Financial due diligence looks at the real financial picture of the company; in healthcare M&A, operational due diligence is just as critical for getting a handle on the company’s true condition. Both types require very thorough, very detailed examinations of the target company. A good online resource for diving deeper into financial due diligence exists here: https://www.sec.gov/reportspubs/investor-publications/divisionsmarketregbdguidehtm.html.
Healthcare mergers and acquisitions require a specialized summary of diligence activities because the target organization must be assessed for risks arising from noncompliance with key laws governing the healthcare industry. As a first step, legal and regulatory due diligence must examine not only the Stark Law and the Anti-Kickback Statute but also the HIPAA; otherwise, the transaction may end up being a huge mistake, as was the case in 2003 when the SEC sanctioned HealthSouth Corporation in Birmingham, Alabama, for wrongdoing that affected health insurance customers. Following this debacle, the federal government imposed stricter regulations, which made conducting due diligence even more important and more difficult to accomplish.
Healthcare mergers are required to follow a chapbook of federal and state regulations and, most times, need the go-ahead from regulatory authorities. They’re reviewed by the Federal Trade Commission (FTC) to ensure they don’t result in anti-competitive behavior. If you lessen local market competition, you may well be in the sights of the FTC. You can find more details about the workings of this particular regulatory stop along the merger highway at https://www.ftc.gov/tips-advice/competition-guidance/industry-guidance/health-care.
It is essential to comply with the Stark Law and the Anti-Kickback Statute; these enforceable statutes ensure new financial arrangements made post-merger do not improperly encourage referrals and also abide by fair market value standards. Furthermore, compliance with a given state’s requirements is imperative. Some states mandate that an organization obtain a Certificate of Need prior to making changes in the service lines or ownership of a healthcare facility. State-specific CON requirements can be found at https://www.ncsl.org/health/certificate-of-need-state-laws. A well-known example involved a hospital whose acquisition was delayed by “concerns” expressed by the FTC about potential anti-competitive effects. Ultimately, the transaction was consummated but only after the organization making the acquisition had modified the deal.
Purchasing agreements can be structured strategically to cut significant risks from healthcare mergers and acquisitions. We typically see in such agreements “representations” and “warranties” that clarify the parties’ obligations, as well as regulatory compliance, particularly related to “financial integrity” and “operational health.” Healthcare companies also see “indemnification” clauses that protect the buyer from taking on any liabilities related to the target company’s past violations of laws and regulations. These agreements can also see “earn-out” provisions that tie future payments to the target’s future financial performance. One company, a provider of healthcare services, successfully used such indemnification clauses to cut significant risks from their liabilities related to past regulatory breaches.
It is crucial to integrate compliance programs after a merger if an organization wants to remain regulatory-compliant and avoid lengthy, expensive, future brushes with regulatory authorities. Along with the inevitable other policies and procedures that must also be integrated after a merger, compliance policies must be brought together across the two merging organizations so that they and all their staff can be assured that they are working under the same set of rules. Audits of compliance also must be done—both to ensure that there are no gaps in compliance to begin with and to find any problems that can be fixed before they lead to serious consequences.
Here’s a case study of a compliance audit done after a merger by a large healthcare group. After the compliance audit found potential areas of non-compliance, the two organizations involved in the merger were able to integrate their compliance policies and procedures in such a way that all the staff across the new entity were assured that they were now working under a single set of rules.
Healthcare regulations must be followed in M&A processes; otherwise, the results can be quite severe. They can include hefty penalties, delays in the actual merging of organizations, and damage to the reputations of the organizations involved. What types of violations are we talking about, and what are their consequences? Here are some common ones, along with their outcomes: failing to get the required approvals resulting in fines and delays; violating the Stark Law and the Anti-Kickback Statute resulting in lawsuits; and not doing proper due diligence resulting in unforeseen liabilities.
If you want more detailed information about M&A compliance in the healthcare sector, look to SEC resources like the “Guide to Financial Due Diligence,” or FTC resources like the “Guide to Healthcare Mergers & Acquisitions.” The National Conference of State Legislatures (NCSL) also offers good background information on the “Certificate of Need” laws that many states have, as well as in-depth knowledge of other state statutes and regulations that might impact mergers and acquisitions in the healthcare sector. Finally, the U.S. Department of Health and Human Services (HHS) provides good M&A compliance resources, especially in the area where HIPAA and financial due diligence intersect.
To conclude, healthcare mergers and acquisitions require a lot of care and attention if they are to succeed. They call for not just accurate due diligence (the “heavy lifting” that we always recommend a law firm do in these deals), but also smart structuring of the agreements that prevent nasty surprises down the road and enable nice outcomes. And they need to be registered with the right kind of authorities. After the deal is done, there is still much to do. Merged entities have to integrate operations—especially in this space, where failure in this area can lead to regulatory issues down the road.

Contact our healthcare law and FDA attorneys for legal advice relevant to your healthcare venture.
Contact Us
