The javascript used on this site for creative design effects is not supported by your browser. Please note that this will not affect access to the content on this web site.
Skip Navigation
U.S. Department of Health and Human Services
  • YouTube
  • HRSA eNews
  • Print this
  • Email this


Office of Pharmacy Affairs Update

HRSA has provided information to stakeholders on many aspects of 340B Program integrity efforts.  This month, we’d like to focus on our commitment to supporting transparency from all stakeholders through the requirement to disclose violations of the 340B Program, commonly known as “self-disclosures.”

All covered entities are aware of the requirement to disclose violations; during the annual covered entity recertification process, the covered entity’s authorizing official attests to the fact that “the covered entity acknowledges its responsibility to contact HRSA as soon as reasonably possible if there is any ...material breach by the covered entity of any of the foregoing [points of 340B compliance].1  Although a covered entity attests to this during annual recertification, the self-disclosure should not be limited to the recertification timeline - a covered entity should self-disclose as soon as reasonably possible after a violation and at any given point external to the recertification process.  We are working to standardize the self-disclosure process, and highlight best practices to assist covered entities in this effort.  Our goal is to increase program transparency while ensuring that supporting processes are efficient and effective for all stakeholders. 

Self-Disclosure Process

Due to the diversity of covered entities and the need for flexibility in program implementation, HRSA recommends that each covered entity establish and document criteria that signifies when a material breach of compliance has occurred.  For situations that are a material breach, the covered entity should take steps to inform HRSA while they move to correct the issue, as outlined below.

  1. Covered Entity Reports Issue to HRSA – including the following information:
  • 340BID;
  • the violation that occurred;
  • scope of the problem;
  • a corrective action plan (CAP) to fix the problem moving forward;
  • a strategy to inform affected manufactures (if applicable); and
  • a plan for financial remedy if repayment is owed. 
  1. Covered Entity Works with Manufacturer
  • covered entity and the manufacturer work out any necessary financial remedy in good faith.
  1. HRSA Reviews Self-Disclosure, including:
  • violation information;
  • CAP, ensuring that it fully addresses issues causing the violation;
  • repayment plan and/or completion of plan; and
  • completion of contact to all affected manufacturers.
  • NOTE:  HRSA staff will follow-up with the covered entity authorizing official if any of the requested information is missing from the self-disclosure submitted.
  1. HRSA Closes Self-Disclosure
  • When all criteria under Step #3 are met, the covered entity receives written communication that the matter is closed.

Self-Disclosure Best Practices

Use Reporting Tool

The 340B Prime Vendor Program, managed by Apexus, has worked with HRSA, covered entities, and manufacturers to develop a suggested tool for the self-disclosure process (available here).  The self-disclosure tool prompts covered entities to consider all issues involved in a self-disclosure.  The goal is to help the covered entity re-establish compliance as soon as possible, and provide HRSA with all the necessary information to take appropriate action.  The self-disclosure tool includes a sample letter to HRSA, a sample letter to manufacturers, a format for summarizing non-compliance, a template for a CAP, and tips from directly from manufacturers on the best ways to resolve issues quickly and completely.

Provide Detailed Information to all Stakeholders

Covered entities are able to most efficiently and effectively resolve their compliance issue if they provide an immediate remedy to correct the material breach, propose a plan for periodic assessment and continuous monitoring, and outline a clear method to determine when the CAP is completed.  Successful covered entities have also routinely identified an implementation date, entity contact person, and clarified an internal 340B communication/education strategy.