Setting up a compliance program is only the first step. To meet the requirement of establishing a compliance program, providers must be able to demonstrate they actually adhere to it. In other words, providers need to walk the walk and not just talk the talk. Compliance programs are a living document, and they evolve over time.
In addition to being a requirement for participation in federal healthcare programs, compliance programs can be used to mitigate sanctions imposed on providers as a result of a violation of federal laws, such as the Anti-Kickback Statute or the Physician Self-Referral Law (casually referred to as the Stark law). Under the U.S. Federal Sentencing Guidelines, the existence of an effective compliance program has the potential to reduce the culpability of the provider organization when determining sanctions for that organization.
The U.S. Federal Sentencing Guidelines document mirrors the seven core elements published by the OIG in describing the minimum requirements for a compliance program. If the provider organization is found to have exercised due diligence in detecting and preventing criminal conduct, and to have promoted a culture of compliance by executing on these seven elements, the organization may experience leniency by the sanctioning agency.
Where to Start?
Between the ability to participate in Medicare and Medicaid and protecting your organization from possible sanctions, the incentives are clear that compliance programming should be taken seriously. But where should you start? Here are three tips to get your compliance programming on track.
First, if you are new to compliance programming, read the GCPG. You need a framework for compliance programming to effectively establish a foundation that includes the seven core elements.
Second, identify the individuals who will be responsible for the compliance program. Depending on the size of the organization, this may be one person or it may be an entire department. It may even be an independent contractor. One of the key features of the seven elements is the personnel used to design and execute the compliance program. For example, the OIG stresses the need for a compliance officer, a compliance committee and the involvement of a Board of Directors or CEO.
Third, realize there is no finish line in compliance. Laws change, organizations change, and healthcare changes. The compliance concerns of 2000 look quite different from the concerns of 2025. Do not let this overwhelm your practice or organization into inaction. Understand that compliance will be a stepwise process. Although the work of compliance never ends, organizations gain compliance skills over time. Engaging with a healthcare lawyer can assist your organization in keeping up with changing regulatory landscapes.
