Legal Updates: Compliance Planning for Your Practice

Physicians have a lot going on. Between the pressures of clinical and administrative responsibilities, sometimes the only way to keep everything together is with a to-do list. Unfortunately, it can often feel as though some items never come off that list. Often, the bigger a project sounds, the more likely it is to sit on that list for months—or even years. Revising or implementing a compliance plan can be just one of those big projects that tends to linger.

Although compliance programming takes a lot of resources or may be already happening informally, all physicians should review their activities to ensure they are fulfilling their obligations under the law, as well as to their practice.

Whether you already have a compliance program, are looking to start one or need to review an old compliance program, this article outlines why compliance programs are important, what must be in your compliance program and how to interact with your compliance program once it’s in place.

The Feds Require It

The Affordable Care Act (ACA) requires all providers establish a compliance program as a condition for participation in federal healthcare programs, such as Medicare and Medicaid. The ACA also requires the program contain certain core elements—although confusion about the authority used to create the core elements exists. That said, the seven core elements summarized below are generally accepted across the healthcare industry and should be included in your compliance program:

1. Written policies and procedures;
2. Compliance leadership and oversight;
3. Training and education;
4. Effective lines of communication;
5. Enforcing standards;
6. Risk assessment, auditing and monitoring; and
7. Response and corrective action initiatives.

A General Compliance Program Guidance (GCPG) document, published by the U.S. Department of Health and Human Services’ Office of Inspector General (OIG) in 2023, provides a crash course in how to create your compliance program. In addition to providing substantial background on the seven core elements, the document provides information on important healthcare laws and how different-sized organizations can scale their compliance programs on the basis of their available resources.

The OIG is also phasing in Industry Segment-Specific Compliance Program Guidance (ICPG) documents. In 2024, the OIG published its first ICPG, focused on nursing facilities. In 2025, OIG anticipates publishing three more ICPGs, focused on Medicare Advantage, hospitals and clinical laboratories. Click here for the GCPG, HHS-OIG-GCPG-2023(35802555.1), and here for the ICPG, nursing-facility-icpg(35802556.1). Check the OIG’s website for updates. 

In addition to these guidance documents, a healthcare lawyer can play a crucial role in reviewing the contents of a compliance program to advise on its effectiveness.