
The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

What is the Physician Payments Sunshine Act?

The Physician Payments Sunshine Act requires pharmaceutical companies, device manufacturers, and group purchasing organizations that participate in federal health programs to report payments and items of value given to “covered recipients”. The Act also requires reporting entities to declare if a covered recipient or a member of the recipient’s family has an ownership or investment interest in the organization.

The Physician Payments Sunshine Act (42 USC 1320a-7h) is an Act passed in 2010 with the purpose of increasing the transparency of financial relationships between pharmaceutical companies (etc.) and healthcare providers in order to uncover potential conflicts of interest that could compromise treatment decisions and medical research, or that could increase the cost of healthcare services billed to federal health programs.

The Act led to the creation of CMS’ Open Payment program which allows members of the public to search the payments database by provider, teaching hospital, or reporting entity, and by general payments, research payments, or declared investment interests. Since 2017, 88 million transactions have been recorded on the Open Payment platform – accounting for $76.9 billion in payments, items of value, and declared interests.

The Background to the Physician Payments Sunshine Act

Prior to the passage of the Physician Payments Sunshine Act, federal health programs relied on laws such as the False Claims Act and regulations such as the Anti-Kickback Statute to protect them from fraud and abuse. However, concerns lingered that a lack of transparency about industry-physician relationships could still compromise treatment decisions, influence medical research, and increase healthcare costs.

Several states had already enacted legislation requiring that industry payments to physicians be reported. Generally, these had inconsistent reporting requirements and were poorly policed. Often violations of state laws were only identified due to the actions of whistleblowers. Congress decided a federal solution was necessary and passed the Physician Payments Sunshine Act within the Patient Protection and Affordable Care Act.

The Act mandates that all payments, items of value, and investment interests worth over $10 are reported to CMS annually unless an exclusion applies. The Act made provision for reports to be reviewed by covered recipients prior to publication and disputed if necessary. It also allowed for a state law to preempt the Act if a state law had more stringent reporting requirements than the Physician Payments Sunshine Act.

Note: The Physician Payments Sunshine Act was originally intended to just cover payments and items of value given to physicians and teaching hospitals. In 2018, the definition of “covered recipients” was extended to include physician assistants, nurse practitioners, clinical nurse specialists, certified nurse anesthetists, and certified midwives. In practice, the Act applies to payments made to any “advanced practice nurse”.

Penalties for Violating the Physician Payments Sunshine Act

The Act also includes penalties for noncompliance. Under the Penalties section, HHS’ Office of Inspector General (OIG) can impose a civil monetary penalty of between $1,000 and $10,000 for the failure to report a payment within the stipulated timeframe (March 31). The penalties are per unreported (or late reported) payment, up to a maximum civil monetary penalty of $150,000 per year.

For the more serious offense of a knowing failure to report, HHS OIG can impose civil monetary penalties of between $10,000 and $100,000 up to an annual cap of $1 million. These figures have since been adjusted for inflation, and the penalties for violating the Physician Payments Sunshine Act in 2025 are:

| Violation | Minimum | Maximum | Annual Cap |
|---|---|---|---|
| Failure to Report/Late Report | $1,406 | $14,067 | $211,008 |
| Knowing Failure to Report | $14,067 | $140,674 | $1,406,728 |

HHS OIG typically issues between three and six civil monetary penalties per year for violations of the Physician Payments Sunshine Act. However, the Department of Justice has also imposed Sunshine Act penalties – the most newsworthy being a $1.11 million penalty added to an $8.1 million settlement with Medtronic USA Inc in October 2020 for violations of the Anti-Kickback Statute that were not reported to CMS’ Open Payment program.

CMS’ Open Payment Program

Under the Physician Payments Sunshine Act, “covered” pharmaceutical companies, device manufacturers, and group purchasing organizations are required to maintain records of all non-excluded payments and items of value given to covered recipients, and all qualifying investment interests. “Covered” reporting entities are organizations that manufacture or distribute drugs, medical devices, or biological/medical supplies.

Each year, prior to March 31, reporting entities must file a report with CMS listing payments in three categories – “Research Payments”, “Ownership and Investment Interests”, and “General Payments”. The General Payments category includes payments for consulting and speaking fees, grants, entertainment, travel, food and drink, space rental, gifts, and royalties. CMS has recently added debt forgiveness to this category.

From April onwards, covered recipients can log into the CMS Open Payment portal and review what payments and items of value have been attributed to them. They have a short window to May 15 to dispute any recorded transaction with the reporting entity. Disputes must be resolved and errors corrected by May 30. The data is published by CMS on June 30, when it is accessible to the public via openpayments.cms.gov.

The data is not only valuable to members of the public, who can find out about any financial relationships that might influence their healthcare providers’ treatment recommendations. It is also valuable to healthcare compliance officers, who may not have complete visibility into their organization’s financial relationships or granular relationships between – for example – medical supplies distributors and healthcare procurement departments.

Compliance with the Sunshine Act Can be Complicated

Due to the number of exclusions to the Physician Payments Sunshine Act and the increased number of healthcare professionals that qualify as covered recipients, compliance with the Act can be complicated. Organizations that qualify as reporting entities are advised to be aware of both the exclusions (in Section 10 of the Act) and who qualifies as a covered recipient (see Glossary and Acronyms) to ensure they can demonstrate compliance in the event of a CMS audit.

To help reporting entities comply with the Act, CMS has produced a 78-page document containing FAQs. Eagle-eyed observers have noted that the most recent version of the document includes three new FAQs relating to CMS audits (FAQs #2025 – #2027). This suggests CMS may be increasing the number of audits it carries out, and reporting entities that are unsure whether they fully comply with the Physician Payments Sunshine Act are advised to seek independent compliance advice.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
